search

t3l3machus / Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
Other
3.64k stars 590 forks source link

HoaxShell linux payload issue #105

Closed oldkingcone closed 1 year ago

oldkingcone commented 1 year ago

Hello there! looks like the setup for the HoaxShell linux payload is bugged, position 2 appears to either be empty or out of range entirely.

Heres the error:

----------------------------------------
Exception occurred during processing of request from ('hack.the.box.ip.address', 36930)
Traceback (most recent call last):
  File "/usr/lib64/python3.10/socketserver.py", line 316, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib64/python3.10/socketserver.py", line 347, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib64/python3.10/socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib64/python3.10/socketserver.py", line 747, in __init__
    self.handle()
  File "/usr/lib64/python3.10/http/server.py", line 433, in handle
    self.handle_one_request()
  File "/usr/lib64/python3.10/http/server.py", line 421, in handle_one_request
    method()
  File "[ TRUNCATED ]/Villain/Core/villain_core.py", line 1095, in do_GET
    Sessions_Manager.active_sessions[session_id]['Username'] = url_split[2]
IndexError: list index out of range
----------------------------------------
t3l3machus commented 1 year ago

@oldkingcone better late than never, I added a dirty patch for that, thanks!