Possible Issue with install

Question

Possible Issue with install

ceramic-skate0 opened this issue 4 years ago · 3 comments

I had an earlier version installed for testing and tried to install this one (install appears to have worked fine. But i get the following error when running script. I think the submodule isnt being downloaded (i did try to download it as well). But im not sure any help is appreciated.

`root@Kali: EXCELntDonut -f templates/processInjection.cs

| \ / / | | | _ __ | || _ \ ___ _ __ _ | |
| | \ / | | | | | | ' | | | | |/ _ | ' | | | | |
| | / \ || || || | | | || || | () | | | | || | |_
|//__||_|| ||_|___/ _/|| ||_,|__|
by @joeleonjr (@FortyNorthSec)
[i] Generating your x86 .NET assembly.
[i] Generating shellcode from x86 .NET assembly file.
[i] Removing null bytes from x86 shellcode with msfvenom
Attempting to read payload from STDIN...
Found 11 compatible encoders
Attempting to encode payload with 1 iterations of x86/shikata_ga_nai
x86/shikata_ga_nai failed with Encoding failed due to a bad character (index=209, char=0x00)
Attempting to encode payload with 1 iterations of generic/none
generic/none failed with Encoding failed due to a bad character (index=3, char=0x00)
Attempting to encode payload with 1 iterations of x86/call4_dword_xor
x86/call4_dword_xor failed with A key could not be found for the Call+4 Dword XOR Encoder encoder.
Attempting to encode payload with 1 iterations of x86/countdown
x86/countdown failed with Encoding failed due to a bad character (index=72, char=0x00)
Attempting to encode payload with 1 iterations of x86/fnstenv_mov
x86/fnstenv_mov failed with A key could not be found for the Variable-length Fnstenv/mov Dword XOR Encoder encoder.
Attempting to encode payload with 1 iterations of x86/jmp_call_additive
x86/jmp_call_additive failed with Encoding failed due to a bad character (index=633, char=0x00)
Attempting to encode payload with 1 iterations of x86/xor_dynamic
x86/xor_dynamic succeeded with size 30683 (iteration=0)
x86/xor_dynamic chosen with final size 30683
Payload size: 30683 bytes
Saved as: _excelntdonut_NqeDGNigJTo2.bin
[i] Null bytes removed for x86.
[i] Generating your x64 .NET assembly.
[i] Generating shellcode from x64 .NET assembly file.
Traceback (most recent call last):
File "/usr/local/bin/EXCELntDonut", line 11, in
load_entry_point('EXCELntDonut', 'console_scripts', 'EXCELntDonut')()
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 77, in main
x64Shellcode, x64Size, x64Count = generateShellcode(args,'x64')
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 198, in generateShellcode
s = generateCLRvoyanceShellcode(randExeName)
File "/home/user/EXCELntDonut/EXCELntDonut/drive.py", line 524, in generateCLRvoyanceShellcode
bootstrap = open(path + "/CLRvoyance/sc-64-clr", 'rb').read()
FileNotFoundError: [Errno 2] No such file or directory: '/home/user/EXCELntDonut/EXCELntDonut/CLRvoyance/sc-64-clr'`

Answer 1 · 2020-09-10T18:45:50.000Z

when files from https://github.com/Accenture/CLRvoyance are put in place of the missing file exception i no longer throw error.

Answer 2 · 2020-09-11T14:00:27.000Z

pull request #7 is what i did to fix it as well. i havent tested it thou

Answer 3 · 2020-09-23T22:21:08.000Z

Fix has been merged in. Thanks for raising the issue!