Giter VIP home page Giter VIP logo

Comments (9)

yaap7 avatar yaap7 commented on August 23, 2024 4

Same issue here with 2012 R2 Standard (6.3.9600) and .NET Framework version 4.0.30319.42000.

In Server/listeners/http.py, line 66:

ssl_context.set_ciphers('ECDHE+AESGCM')

I just commented out this line and the stager was able to connect.

In my opinion, the ciphers used in ST are too restrictive (which is a good point for security) but in this context I think we could be more lax.
What do you think about configuring a more permissive set of ciphers?

from silenttrinity.

byt3bl33d3r avatar byt3bl33d3r commented on August 23, 2024

I'm pretty sure that's because .NET 4.5 isn't installed on windows 8.1 embedded by default. Only .NET 4.5 supports the newest TLS ciphers that ST uses.

Feel free to do some debugging tho.

from silenttrinity.

davidtavarez avatar davidtavarez commented on August 23, 2024

Could you give more details? How did you generate the stager? How did you run it? Can you give more information about the Windows machine? What shows you when you execute: systeminfo | findstr /C:"OS"?

Thanks.

from silenttrinity.

RayofLightz avatar RayofLightz commented on August 23, 2024

The systeminfo | findstr "OS" gives me 6.3.9.96000 N/A Build 96000

from silenttrinity.

RayofLightz avatar RayofLightz commented on August 23, 2024

Is their anyway I could get the deobfuscated c# build source code? The windows box I am using is just for hopefully contributing to this project so I could always manually install the newest version of the dot net framework, but if I could hack together a stagger that would work for both windows 10 and 8.1...

from silenttrinity.

byt3bl33d3r avatar byt3bl33d3r commented on August 23, 2024

@RayofLightz Open the visual studio solution and you should be good to go.

from silenttrinity.

MikeLim7 avatar MikeLim7 commented on August 23, 2024

Agree with @yaap7, only Windows 10 and Server 2016 supports ECDHE+AESGCM. Win8.1, Server 2012 R2 and older Windows versions support ECDHE+AES. Besides commenting out, another alternative is probably set_ciphers('ECHDE+AESGCM:ECDH+AES').

Full cipher list at https://docs.microsoft.com/en-us/windows/desktop/secauthn/cipher-suites-in-schannel

from silenttrinity.

byt3bl33d3r avatar byt3bl33d3r commented on August 23, 2024

This should have been fixed in the c2_crypto branch, feel free to try it out and report back :)

from silenttrinity.

byt3bl33d3r avatar byt3bl33d3r commented on August 23, 2024

This was fixed in 69530ae

from silenttrinity.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.