chvancooten / nimplant

A light-weight first-stage C2 implant written in Nim.

License: MIT License

Python 29.28% Nim 34.16% YARA 0.64% HTML 12.42% JavaScript 0.06% TypeScript 23.34% CSS 0.08%

nimplant's Introduction

Cas van Cooten (@chvancooten)

Hey 👋! My name is Cas, I'm a Red Teamer based in the Netherlands. In my free time, I like to build offensive security tooling (OST), specifically in the Nim programming language. In the interest of transparency and to support the community in becoming better at offense and defense alike, I also like to publish my projects publicly as open-source software in a responsible manner (a much-debated point, I know).

Feel free to reach out if you have any questions about offensive development, red teaming, or other security topics! Always happy to chat.

nimplant's Issues

Add GUI command for shinject

Currently NimPlant only offers GUI commands for upload, execute-assembly, and inline-execute. For a proper UI experience, another GUI command should be added for the shinject module, where uploading shellcode is allowed.

nim Error: undeclared identifier: 'obf'

In the patches.nim file, I have installed

import winim/lean
import dynlib
import strenc

but when compiling, the above error still happened, and I have searched for "obf" globally and can't find its definition

Error with unicode

  • This issue is not about OPSEC or bypassing defensive products
  • I have followed the steps in the Troubleshooting section

OS and version:
ubuntu 22.04

Python version:
Python 3.10.1

Nim version:
Nim Compiler Version 1.6.12 [Linux: amd64]

Using Docker: Yes/No
No

Issue Description
When a target computer uses Unicode in its username / computer name, like Russian or Chinese or others, it doesn't manage to communicate properly with the server.
The following is the error:
An unexpected exception occurred when handling command: TypeError('unsupported format string passed to NoneType.format')

Fix Ekko sleep mask for .dll/.bin payloads

Currently, the Ekko sleep mask feature only works with the normal executable payloads and not with DLL/shellcode since it targets the parent process' base image for encryption. This is a known issue with Ekko described in this blog.

With some research, the Ekko module could be enhanced to target only the correct section of the present payload for encryption.

Compilation error in Parrot OS

──╼ $cat /etc/os-release
PRETTY_NAME="Parrot OS 5.3 (Electro Ara)"
NAME="Parrot OS"
VERSION_ID="5.3"
VERSION="5.3 (Electro Ara)"
VERSION_CODENAME=ara
ID=parrot
ID_LIKE=debian

──╼ $python3 --version
Python 3.9.2
┌─[parrot@parrot]─[~/NimPlant]
└──╼ $nim --version
Nim Compiler Version 2.0.0 [Linux: amd64]
Compiled at 2023-08-01

Using Docker: No


Issue Description

Compiling error when installing on Parrot OS. Tried the same with kali and it works well.

Compiling .exe for NimPlant
/home/parrot/.nimble/pkgs2/winregistry-1.0.0-30462eb902c219db72c018c4c3669ecaee08e107/winregistry.nim(66, 6) Error: undeclared identifier: 'useWinUnicode'
candidates (edit distance, scope distance); see '--spellSuggest': 
 (8, 2): 'NimNode'

There was one error when installing dependencies through:

└──╼ $python3 -m pip install -r requirements.txt
Ignoring prompt-toolkit: markers 'sys_platform == "win32"' don't match your environment


Adding a screenshot feature

  • This issue is not about OPSEC or bypassing defensive products

Feature Description
Would be great to have a screenshot feature where you can decide if you want to take 1 screenshot or a screenwatch like in CS :) How can this be implemented? Maybe I can help out some 👍

File Operation GUI

  • This issue is not about OPSEC or bypassing defensive products

Feature Description
View the files of the current host through the GUI, as well as download and upload. Like CS.

Periodic screenshot feature

  • This issue is not about OPSEC or bypassing defensive products

Feature Description
Would be nice to add a feature that allows to issue the screenshot feature every second for a specific amount of time like in CS

sh: 1: nim: not found

Great work here bro. I am looking to review this under my C2 reviews.

I am running the server on Kali Linux, but encountering errors while attempting to generate the compile command and add it to the Client/bin directory.

the "all" command generates this:

Compiling .exe for NimPlant
/home/kali/Desktop/NimPlant/client/util/functions.nim(1, 8) Error: cannot open file: parsetoml
Compiling self-deleting .exe for NimPlant
/home/kali/Desktop/NimPlant/client/util/functions.nim(1, 8) Error: cannot open file: parsetoml
Compiling .dll for NimPlant
/home/kali/Desktop/NimPlant/client/util/functions.nim(1, 8) Error: cannot open file: parsetoml
Compiling .bin for NimPlant
/home/kali/Desktop/NimPlant/client/util/functions.nim(1, 8) Error: cannot open file: parsetoml
Traceback (most recent call last):
File "/home/kali/Desktop/NimPlant/NimPlant.py", line 229, in
compile_implant(implant, binary, xor_key)
File "/home/kali/Desktop/NimPlant/NimPlant.py", line 109, in compile_implant
compile_function("raw", xor_key)
File "/home/kali/Desktop/NimPlant/NimPlant.py", line 189, in compile_nim
dll = open("client/bin/NimPlant.dll", "rb").read()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory: 'client/bin/NimPlant.dll'

I did try: pip install toml - no luck.

Any help would be great.
Thanks
Ace

Nimplant Over WAN

This issue is not about OPSEC or bypassing defensive products

I hope you're doing well,
just wanted to ask about the WAN option.
Can I run it over WAN rather than the local network?
I changed the listener's IP address in the config.toml file to my public IP address, but when running the server, I get the following log:

[19/05/2023 08:39:57] Existing server session found, restoring...
[19/05/2023 08:39:57] Started management server on http://127.0.0.1:31337.
[19/05/2023 08:39:57] Started NimPlant listener on MYPUBLICIP: MYPORT. CTRL-C to cancel waiting for NimPlants.
[19/05/2023 08:39:57] ERROR: Error setting up the web server. Verify listener settings in 'config.toml'. Exception: [Errno 99] Cannot assign requested address: ('MYPUBLICIP', MYPORT)

thanks! :)

'Module could not be found' error when using DLLs on Windows 11

Hey all, when I compile a DLL, I see that the entrypoint is "Update", and I took a quick look at the .nim file to verify. When I attempt to run "rundll32.exe NimPlant.dll,Update" it gives me an error saying "There was a problem starting NimPlant.dll, The specific module could not be found"

Any ideas, anyone else getting this too? This is a fully out of the box run of a compiled DLL, I haven't changed anything. I was able to get the exe to send back a shell just fine.

Lmao

I will submit a pull soon.

Code not easily searchable

Issue Description

The code was not easily identifiable, making it more difficult to maintain or identify areas for modification.

E.g.

b_ident = b"789CF3CBCC0DC849CC2B51703652084E2D2A4B2D02003B5C0650"

For some reason the Server header is encoded in hex. If it was in just plain text we could grep for the string and change it.


Improvement

Put the cleartext server header in the code instead of the hex representation because it's running on the server anyways.

Also, what was the reason to use base16 on it? It's unlikely anyone would run this on the target system with Python installed, so obfuscation isn't really necessary.

'cd' command doesn't work.

  • This issue is not about OPSEC or bypassing defensive products
  • I have followed the steps in the Troubleshooting section

OS and version: ubuntu 20.04
Python version: 3
Nim version: 1.6
Using Docker: No


Issue Description
The cd command doesn't work. Directory does not change.


Enhancement -- Live web cam Access

  • This issue is not about OPSEC or bypassing defensive products

Feature Description

It would be nice if you Add this feature where user can see live web cam and get location.

Nimplant exited after several seconds of execution

Before starting I want you to note that there's no security solution present on the testing Windows-10 Updated machine. Everything from Defender to Firewall was turned off.

I tried to pack NimPlant's generated binary "NimPlant.exe" into Nimcrypt2, just to see what its behavior and working would be.
On execution it gave me a callback, but after 10-15 seconds the session died!

After that I thought that it was because of some error in NimCrypt2, so I bought a private Nim-based crypter and tried to do the same, but this time also, after 10-15 seconds, NimPlant's process terminated itself. Why?

Please set sleep time from 60 seconds to 10 seconds to see visible results faster.
Just clone Nimcrypt2 and run it on NimPlant's generated binary and check it yourself
