Comments (6)
According to that output, it seems that you are compiling the generated exe with the csharp
type and not the raw
type. As stated in my first comment on this thread, please try generating the exe with the following arguments for the raw shellcode generated by Cobalt Strike, as the csharp type you are supplying to the tool will NOT work with that:
./nimcrypt -f payload.bin -t raw -v
If you need further assistance, I've made a short video demonstrating the complete process using Cobalt Strike 4.4 and Windows Server 2019 Datacenter. Everything should work for you with no issues if you follow it step by step: https://www.youtube.com/watch?v=3cEbRc61XMM
from nimcrypt2.
Hello! I looked into this and confirmed I was able to successfully load Cobalt Strike 4.5 staged & stageless raw shellcode on the following systems:
- Windows 10 21H2 (10.0.19044)
- Windows 10 21H1 (10.0.19043)
- Windows Server 2019 (10.0.17763)
This was done using the following arguments to create the executable:
./nimcrypt -f payload.bin -t raw -v
Make sure you are exporting the beacon/stager as the "raw" output type and try running it again with the arguments above. If it still doesn't work, feel free to send over the verbose output that the exe shows when run and that could help us debug further.
I would also recommend trying to use Metasploit's windows/x64/exec or Meterpreter shellcode in the raw format to see if those work for you. That would help figure out if your issues are Cobalt Strike specific or if there's a bigger problem going on.
from nimcrypt2.
hi,I use ubuntu18 and install all dependencies as required, the same cs server I can make sure that the network is connected to each other. This is a detailed screenshot of my output.
Cs4.4 can go online using powershell, but it cannot go online using the generated exe.
My system version Microsoft Windows Server 2019 Datacenter (10.0.17763)
from nimcrypt2.
Apologies if I was unclear - I was asking for the verbose output shown by the generated exe when executed on the target Windows system. It should look something like this:
This output will hopefully show us at which step the generated exe is failing so I can attempt to help you further. Otherwise there is really no way for me to tell what's happening.
from nimcrypt2.
from nimcrypt2.
Closing this issue for now as it's been over a month since the last reply and I think we figured out your issue.
from nimcrypt2.
Related Issues (16)
- Generating a DLL HOT 1
- FAILED to write decoded payload to allocated memory: 1
- Issue executing PE file HOT 2
- Limits.h file not found HOT 3
- Cannot compile x86 binary
- How to build Obfuscator-LLVM HOT 2
- Cannot run output file from a x64bit PE. HOT 1
- unhook ntdll false HOT 1
- Error: cannot open file: nimcrypto HOT 4
- cannot execute the output file HOT 6
- Error: cannot open file: strenc [!] Stub compilation failed! Check stub for errors.
- Setting up Obfuscator-LLVM HOT 9
- how to implement "-mwindows" for wclang HOT 3
- Add Self Injection HOT 2
- Error: unhandled exception: unable to invoke specified member: Invoke (0x80131604) [CLRError] HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nimcrypt2.