Comments (15)
- 1º- i need a
screenshot
to see the error .. - 2º - do you have netcat installed on attacker machine ???
because amsi evasion agents nº 1, 2, 3 requires netcat listenner ...
Remark:
amsi evasion agent nº 4 does not use netcat
Listenner, it uses powershell
to recive the tcp connection back.
Manual start netcat listenner
sudo nc -lvp <port number>
Note-To-Self
Amsi Evasion sub-menu does not check for the existence of netcat
on attacker side ..
because netcat its by default installed on linux distros ...TODO: add a netcat check ???...
from venom.
So do i need to install netcat on target machine? Because I already have netcat installed on kali linux
from venom.
netcat its only needed in attacker machine (listenner)
something its wrong with your netcat install ..
Execute the follow commands to check if nc its working fine
sudo nc -lvp <port number>
xterm -T "netcat" -e "sudo nc -lvp <port number>"
<-- this is the command venom uses to spawn the netcat listenner (handler)
from venom.
Ok and as you told that you need to install xterm for chars.raw, so will pip install xterm work?
from venom.
pip
its for PYTHON
...
apt-get install xterm <-- its the command we need to install xterm ..
Thats why your listenner does not start,, because it requires xterm
console to spawn netcat
..
xterm oficial webpage
from venom.
Ok, And on the Windows machine do I haveto start the netcat listener? or the.ps1 file will start it when ran
from venom.
Hi
I am trying the Windows Os Payloads in that I am trying number 20.
I run this attack and all i see is this console window. Even Windows Defender detected it.
from venom.
HI
File Less stager works now, But what can i do from netcat? Can i execute system commands? Or open Notepad?
from venom.
#63 (comment) <-- thats the reason why i have written amsi evasion sub-menu
because those technics are beeing detected now ..
#63 (comment) <-- netcat gives you access to a console prompt were you can use since cmd commands to powershell commands (the sky its the limit if you are familiarized with those languages) ... in other words: netcat allow you to interact with everything on remote host programatecly ..
from venom.
So can i execute any command or something? Or may be upload files or download them? And can you give tips on manually making these files more Undetectable?
from venom.
you can not upload/download files only by using netcat ..
but we can use netcat
to spawn for example ftp
service that allow us to upload/download ..
Obfuscation: https://github.com/r00t-3xp10it/hacking-material-books/blob/master/obfuscation/simple_obfuscation.md
from venom.
Alright!
I just have one question now, How can I execute commands while I have the connection on Netcat?
from venom.
HI
I had a question that in Python, We can do process migration? Because I have made my own backdoor in python and now i want that it should run under a parent process such as explorer.exe
from venom.
- 1º - netcat allow you to use almost all languages availabe (intalled) on target machine ...
that means we have access to cmd, powershell, etc.. or interact with applications/services/etc ...
Examples
netstat -ano
<-- use native appl netstat to display a list of tcp/udp connections
cmd.exe /c reg add 'hkcu/software/microsoft/startup /t reg_dword /d 1 /f'
<-- use cmd.exe to add registry key
- 2º - migration can be done using any language ...
but i dont use very oven python so iam not the rigth perso to respond to that question ..
from venom.
Hi!
I was thinking that how can we convert our python backdoor to .ps1? Or a macro file? To XML?
from venom.
Related Issues (20)
- ./setup.sh: 7431: xterm: not found plase help HOT 1
- [AWK] problem Installing dependencies under MacBook-Pro HOT 10
- { zenity error } HOT 4
- ./venom.sh: 7636: xterm: not found HOT 4
- [x] Script execution aborted .. {zenity} HOT 5
- metasploit LHOST bad configuration .. HOT 4
- Agent specification HOT 1
- VENOM does not work under WINDOWS distros .. HOT 17
- Termux HOT 1
- i'm working on a new solution to make fud payloads again HOT 1
- Warning
- not work in remote smartphone
- ISSU HOT 2
- Abort module execution .. HOT 1
- Please help me
- problem with generating dll
- Plz update
- download and use issue
- DOES IT WORK ON WINDOWS 11 HOT 1
- Everything works fine but when I choose an option it says "Abort Model Execution" HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from venom.