ChrisTruncer @FortyNorthSecurity https://www.fortynorthsecurity.com A red teamer and tool developer

FortyNorthSecurity/EyeWitness 2544

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Arvanaghi/CheckPlease 528

Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.

FortyNorthSecurity/Just-Metadata 527

Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.

ChrisTruncer/PenTestScripts 443

Scripts that are useful for me on pen tests

FortyNorthSecurity/Egress-Assess 358

Egress-Assess is a tool used to test egress data detection capabilities

FortyNorthSecurity/AggressorAssessor 109

Aggressor scripts for phases of a pen test or red team assessment

digininja/GitHunter 55

A tool for searching a Git repository for interesting content

ChrisTruncer/mikto 41

Script to automate, manage, and multithread Nikto scans.

FortyNorthSecurity/Hasher 41

Hasher is designed to be a tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. Not meant to crack passwords, but designed for local checks.

ChrisTruncer/gnmap-parser 18

Script to parse multiple Nmap .gnmap exports into various plain-text formats for easy analysis.

issue closed FortyNorthSecurity/EyeWitness

Dies with encoding exception

OS Used - ALL Information (architecture, linux flavor, etc.)

Debian Linux - Buster

Pastebin link to error you are encountering

Expected behavior (vs. what you encountered)

Expect program to finish, dies with exception below.

Any additional information

Traceback (most recent call last):
  File "/usr/lib/python3.7/multiprocessing/process.py", line 297, in _bootstrap
    self.run()
  File "/usr/lib/python3.7/multiprocessing/process.py", line 99, in run
    self._target(*self._args, **self._kwargs)
  File "./EyeWitness.py", line 284, in worker_thread
    cli_parsed, http_object, driver)
  File "/home/user/Apps/EyeWitness/Python/modules/selenium_module.py", line 273, in capture_host
    http_object.source_code = driver.page_source.encode('utf-8')
AttributeError: 'NoneType' object has no attribute 'encode'

closed time in 6 days

s3c

issue comment FortyNorthSecurity/EyeWitness

Dies with encoding exception

For the meantime then, I am planning on leaving this in here. I don't want to just do a catch for it because I want to get a URL where this consistently happens and build a proper exception for it.

Thanks for submitting this, and if you can reproduce this with a URL please submit it to me and I'll look to build this out.

s3c

comment created time in 6 days

issue comment FortyNorthSecurity/EyeWitness

Dies with encoding exception

Can you provide the URL that was causing this error?

s3c

comment created time in 7 days

issue closed Veil-Framework/Veil

Veil framework not installing properly

Veil version

OS Used - all info (architecture, linux flavor, etc)

How did you install Veil? (Apt, Clone from Github, etc.)

Did you run the setup script?

Pastebin link to error you are encountering (include console actions you took prior to error)

Expected behavior

Any additional info you want to tell me

closed time in 8 days

Puchu-Create

issue closed Veil-Framework/Veil

Veil framework was showing that I didn't install wine32, please help me tho those solutions

Veil version

OS Used - all info (architecture, linux flavor, etc)

How did you install Veil? (Apt, Clone from Github, etc.)

Did you run the setup script?

Pastebin link to error you are encountering (include console actions you took prior to error)

Expected behavior

Any additional info you want to tell me

closed time in 8 days

Puchu-Create

issue closed Veil-Framework/Veil

Traceback (most recent call last): File "./Veil.py", line 10, in <module> from lib.common import orchestra File "/home/sanjeevkumar/Desktop/Veil/lib/common/orchestra.py", line 7, in <module> import readline

Veil version

OS Used - all info (architecture, linux flavor, etc)

How did you install Veil? (Apt, Clone from Github, etc.)

Did you run the setup script?

Pastebin link to error you are encountering (include console actions you took prior to error)

Expected behavior

Any additional info you want to tell me

closed time in 13 days

bcskking

issue comment FortyNorthSecurity/EyeWitness

WebDriverError / "Unknown error while attempting to screenshot"

Yup, you were right, I didn’t handle that correctly. I just pushed in the fix for that too.

Thanks!

BeanBagKing

comment created time in 22 days

created tag FortyNorthSecurity/EyeWitness

tag v20200712.1

created time in 22 days

release FortyNorthSecurity/EyeWitness

v20200712.1

released time in 22 days

push event FortyNorthSecurity/EyeWitness

Christopher Truncer

commit sha 2156a44a9b3598afd43dee4d8bda076e0dcef529

Fixed string concatenation

push time in 22 days

created tag FortyNorthSecurity/EyeWitness

tag v20200709.1

created time in 25 days

release FortyNorthSecurity/EyeWitness

v20200709.1

released time in 25 days

issue closed FortyNorthSecurity/EyeWitness

WebDriverError / "Unknown error while attempting to screenshot"

OS Used - ALL Information (architecture, linux flavor, etc.)

New/Weekly build of Kali (kali-linux-2020-W28-installer-amd64) / Linux hostname 5.6.0-kali2-amd64 #1 SMP Debian 5.6.14-2kali1 (2020-06-10) x86_64 GNU/Linux

I did not install eyewitness via apt. I cloned the repo and ran setup.sh

Pastebin link to error you are encountering

./EyeWitness.py --single 192.168.1.107

Attempting to screenshot http://192.168.1.107
[*] WebDriverError when connecting to http://192.168.1.107

Correcting for this results in a screenshot being taken, but a report with an error message of "Unknown error while attempting to screenshot" in the column where the screenshot should be.

Expected behavior (vs. what you encountered)

Plethora of screenshots

Any additional information

This is some pretty old IoT stuff that I'm attempting to inventory. I have the feeling that this is related to SSL/TLS ciphers, but I just can't get things to work. Visiting the page in Firefox results in the following error:

Secure Connection Failed

An error occurred during a connection to 192.168.1.107. SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

Learn more…

Chromium results in:

This site can’t provide a secure connection
192.168.1.107 sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

So my thought was to proxy traffic through Burp and let Burp handle the TLS connection. After installing the certificate and configuring proxy settings, I can now get to the login page on either Firefox or Chromium. However, when trying to screenshot the page, I get odd behavior. The report seems to finish successfully, but I have the error "Unknown error while attempting to screenshot" in my report.

Report Generated on 07/07/2020 at 16:30:17
Web Request Info	Web Screenshot
http://192.168.1.107
Unknown error while attempting to screenshot

I also see the following error lines on the terminal:

Would you like to open the report now? [Y/n]
y
<snip>
user@hostname:~/EyeWitness/Python$ [25603:25603:0707/163038.151501:ERROR:edid_parser.cc(102)] Too short EDID data: manufacturer id
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
[25644:25644:0707/163038.432194:ERROR:vaapi_wrapper.cc(480)] vaInitialize failed: unknown libva error
[25644:25644:0707/163038.489196:ERROR:sandbox_linux.cc(374)] InitializeSandbox() called with multiple threads in process gpu-process.

user@hostname:~/EyeWitness/Python$

However, there is a correct screenshot within the "screens" folder. I'm not sure at all why it's saying Unknown error. I'm not sure if it's related to using Burp, thus the annoyingly long background story for this. TL;DR I guess is that it works, however, this report will include a massive number of systems, so it's desirable to have the screenshot in the report, and not have to manually sort through the screens folder.

The Burp options are pretty much at their default now, intercept is off, but it still takes a -long- time to request these pages (longer than I feel it should, thus the 60 second timeout).

I know the original problem was related to SSL/TLS settings, so I'm including the testssl.sh results below in case they are useful regarding the webdrivererror issue.

###########################################################
    testssl.sh       3.1dev from https://testssl.sh/dev/
    (6071ae9 2020-07-07 15:53:49 -- )

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~179 ciphers]
 on hostname:./bin/openssl.Linux.x86_64
 (built: "Jan 18 17:12:17 2019", platform: "linux-x86_64")


 Start 2020-07-07 15:38:24        -->> 192.168.1.107:443 (192.168.1.107) <<--

 rDNS (192.168.1.107):    --
 Service detected:       HTTP


 Testing protocols via sockets except NPN+ALPN

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered (deprecated)
 TLS 1.1    offered (deprecated)
 TLS 1.2    not offered and downgraded to a weaker protocol
 TLS 1.3    not offered and downgraded to a weaker protocol
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

 Testing cipher categories

 NULL ciphers (no encryption)                      not offered (OK)
 Anonymous NULL Ciphers (no authentication)        not offered (OK)
 Export ciphers (w/o ADH+NULL)                     not offered (OK)
 LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export)      not offered (OK)
 Triple DES Ciphers / IDEA                         not offered
 Obsoleted CBC ciphers (AES, ARIA etc.)            offered
 Strong encryption (AEAD ciphers) with no FS       not offered
 Forward Secrecy strong encryption (AEAD ciphers)  not offered


 Testing server's cipher preferences

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.1
 Negotiated cipher            AES256-SHA
 Cipher per protocol

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (IANA/RFC)
-----------------------------------------------------------------------------------------------------------------------------
SSLv2
 -
SSLv3
 -
TLSv1 (server order)
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA
TLSv1.1 (server order)
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA
TLSv1.2
 -
TLSv1.3
 -


 Testing robust forward secrecy (FS) -- omitting Null Authentication/Encryption, 3DES, RC4

 No ciphers supporting Forward Secrecy (FS) offered


 Testing server defaults (Server Hello)

 TLS extensions (standard)    (none)
 Session Ticket RFC 5077 hint no -- no lifetime advertised
 SSL Session ID support       yes
 Session Resumption           Tickets no, ID resumption test failed
 TLS clock skew               Random values, no fingerprinting possible
 Signature Algorithm          SHA1 with RSA -- besides: users will receive a strong browser WARNING
 Server key size              RSA 1024 bits (exponent is 65537)
 Server key usage             --
 Server extended key usage    --
 Serial / Fingerprints        C383 / SHA1 <redacted>
                              SHA256 <redacted>
 Common Name (CN)             <redacted>
 subjectAltName (SAN)         missing (NOT ok) -- Browsers are complaining
 Issuer                       <redacted>
 Trust (hostname)             certificate does not match supplied URI
 Chain of trust               NOT ok (chain incomplete)
 EV cert (experimental)       no
 ETS/"eTLS", visibility info  not present
 Certificate Validity (UTC)   6266 >= 60 days (2010-11-03 17:01 --> 2037-09-02 17:01)
                              >= 10 years is way too long
 # of certificates provided   1
 Certificate Revocation List  --
 OCSP URI                     --
                              NOT ok -- neither CRL nor OCSP URI provided
 OCSP stapling                not offered
 OCSP must staple extension   --
 DNS CAA RR (experimental)    not offered
 Certificate Transparency     --


 Testing HTTP header response @ "/"

 HTTP Status Code             200 OK
 HTTP clock skew              +3 (± 1.5) sec from localtime
 Strict Transport Security    365 days=31536000 s, just this domain
 Public Key Pinning           --
 Server banner                exists but empty string
 Application banner           --
 Cookie(s)                    (none issued at "/")
 Security headers             X-Frame-Options sameorigin
                              X-XSS-Protection 1; mode=block
                              X-Content-Type-Options nosniff
                              X-Content-Security-Policy "allow 'self'"
                              Cache-Control no-store, no-cache, must-revalidate, private, post-check=0, pre-check=0
 Reverse Proxy banner         --


 Testing vulnerabilities

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       likely VULNERABLE (NOT ok), suspicious error code "33" returned. Please report
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), no session ticket extension
 ROBOT                                     VULNERABLE (NOT ok)
 Secure Renegotiation (RFC 5746)           Not supported / VULNERABLE (NOT ok)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3 support
 TLS_FALLBACK_SCSV (RFC 7507)              Rerun including POODLE SSL check. Downgrade attack prevention NOT supported
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=<redacted> could help you to find out
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
 BEAST (CVE-2011-3389)                     TLS1: AES256-SHA AES128-SHA
                                           VULNERABLE -- but also supports higher protocols  TLSv1.1 (likely mitigated)
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Running client simulations (HTTP) via sockets

 Android 4.4.2                TLSv1.1 AES256-SHA, No FS
 Android 5.0.0                TLSv1.1 AES256-SHA, No FS
 Android 6.0                  TLSv1.1 AES256-SHA, No FS
 Android 7.0 (native)         TLSv1.1 AES256-SHA, No FS
 Android 8.1 (native)         TLSv1.1 AES256-SHA, No FS
 Android 9.0 (native)         TLSv1.1 AES256-SHA, No FS
 Android 10.0 (native)        TLSv1.1 AES256-SHA, No FS
 Chrome 74 (Win 10)           TLSv1.1 AES256-SHA, No FS
 Chrome 79 (Win 10)           TLSv1.1 AES256-SHA, No FS
 Firefox 66 (Win 8.1/10)      TLSv1.1 AES256-SHA, No FS
 Firefox 71 (Win 10)          TLSv1.1 AES256-SHA, No FS
 IE 6 XP                      No connection
 IE 8 Win 7                   TLSv1.0 AES256-SHA, No FS
 IE 8 XP                      No connection
 IE 11 Win 7                  TLSv1.1 AES256-SHA, No FS
 IE 11 Win 8.1                TLSv1.1 AES256-SHA, No FS
 IE 11 Win Phone 8.1          TLSv1.1 AES256-SHA, No FS
 IE 11 Win 10                 TLSv1.1 AES256-SHA, No FS
 Edge 15 Win 10               TLSv1.1 AES256-SHA, No FS
 Edge 17 (Win 10)             TLSv1.1 AES256-SHA, No FS
 Opera 66 (Win 10)            TLSv1.1 AES256-SHA, No FS
 Safari 9 iOS 9               TLSv1.1 AES256-SHA, No FS
 Safari 9 OS X 10.11          TLSv1.1 AES256-SHA, No FS
 Safari 10 OS X 10.12         TLSv1.1 AES256-SHA, No FS
 Safari 12.1 (iOS 12.2)       TLSv1.1 AES256-SHA, No FS
 Safari 13.0 (macOS 10.14.6)  TLSv1.1 AES256-SHA, No FS
 Apple ATS 9 iOS 9            No connection
 Java 6u45                    TLSv1.0 AES128-SHA, No FS
 Java 7u25                    TLSv1.0 AES128-SHA, No FS
 Java 8u161                   TLSv1.1 AES256-SHA, No FS
 Java 11.0.2 (OpenJDK)        TLSv1.1 AES256-SHA, No FS
 Java 12.0.1 (OpenJDK)        TLSv1.1 AES256-SHA, No FS
 OpenSSL 1.0.2e               TLSv1.1 AES256-SHA, No FS
 OpenSSL 1.1.0l (Debian)      TLSv1.1 AES256-SHA, No FS
 OpenSSL 1.1.1d (Debian)      No connection
 Thunderbird (68.3)           TLSv1.1 AES256-SHA, No FS


 Rating (experimental)

 Rating specs (not complete)  SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
 Specification documentation  https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
 Protocol Support (weighted)  0 (0)
 Key Exchange     (weighted)  0 (0)
 Cipher Strength  (weighted)  0 (0)
 Final Score                  0
 Overall Grade                T
 Grade cap reasons            Grade capped to T. Uses SHA1 algorithm
                              Grade capped to T. Issues with the chain of trust (chain incomplete)
                              Grade capped to M. Domain name mismatch
                              Grade capped to F. Vulnerable to ROBOT
                              Grade capped to C. TLS 1.2 is not offered
                              Grade capped to B. TLS 1.1 offered
                              Grade capped to B. TLS 1.0 offered
                              Grade capped to B. Forward Secrecy (FS) is not supported
                              Grade capped to A. Does not support TLS_FALLBACK_SCSV
 Grade warning                Secure renegotiation is not supported

 Done 2020-07-07 15:54:21 [ 958s] -->> 192.168.1.107:443 (192.168.1.107) <<--

closed time in 25 days

BeanBagKing

issue comment FortyNorthSecurity/EyeWitness

WebDriverError / "Unknown error while attempting to screenshot"

Pushed a fix for this, thanks for reporting this to us!

BeanBagKing

comment created time in 25 days

push event FortyNorthSecurity/EyeWitness

Christopher Truncer

commit sha 6a5c10f8f934f3f0f86a80e738c6fa5053029f76

Updated urllib.requests to respect proxy settings if set, fix for #488

push time in 25 days

issue comment FortyNorthSecurity/EyeWitness

WebDriverError / "Unknown error while attempting to screenshot"

First off, I'd love to congratulate you on probably the most detailed bug report we have ever received. It is super helpful to see all the information that you provided, so thank you.

I do have one question, if you use EyeWitness to scan other sites, do they work?

As for why you might be seeing the screenshot but not in the report, EyeWitness makes two requests to each web page in order to generate the report. One request attempts to capture the screenshot, the other captures the source code, headers, etc. It's possible that the screenshot part is working (it's using firefox headlessly to capture it), but the python request to capture the other information is what is failing and therefore resulting in that being shown in the report.

BeanBagKing

comment created time in a month

issue comment Veil-Framework/Veil

veil installation error failed to install these dependencies

Please follow the readme and install on a system with an X server.

aswingreeshmam

comment created time in a month

issue closed Veil-Framework/Veil

veil installation error failed to install these dependencies

Veil Configuration:
[] OPERATING_SYSTEM = Kali
[] TERMINAL_CLEAR = false
[] VEIL_PATH = /root/Veil/
[] WINEPREFIX = /var/lib/veil/wine/
[] TEMP_PATH = /tmp/
[] METASPLOIT_PATH = /usr/share/metasploit-framework/
[] MSFVENOM_PATH = /usr/bin/
[] MSFVENOM_OPTIONS =
[] PYINSTALLER_PATH = /var/lib/veil/PyInstaller-3.2.1/
[] GOLANG_PATH = /var/lib/veil/go/

Veil-Evasion Configuration:
[] PAYLOAD_SOURCE_PATH = /var/lib/veil/output/source/
[] PAYLOAD_COMPILED_PATH = /var/lib/veil/output/compiled/
[] HANDLER_PATH = /var/lib/veil/output/handlers/
[] HASH_LIST = /var/lib/veil/output/hashes.txt
[I] Path '/etc/veil/' Created
[I] Configuration File Written To: '/etc/veil/settings.py'

[*] Ensuring this account (root) owns veil output directory (/var/lib/veil/output)...

[*] Ensuring this account (root) has correct ownership of /var/lib/veil/wine

[*] Finished Veil configuration...

[*] Finished environment checks

[ERROR] There was issues installing the following:

Failed with installing dependencies (1): 0
Failed with installing wine (2): 0
Veil Wine environment could not be found! Check for existence of /var/lib/veil/wine/drive_c
Failed to install (Wine) Python 3.4.4... Exit code: 1
Failed to run (wine) Python pip... Exit code: 1
Failed to run (wine) Python pip future... Exit code: 1
Failed to run (wine) Python pip pefile... Exit code: 1
Failed to install (Wine) Ruby.exe... Exit code: 1
Failed to run (wine) Ruby OCRA.. Exit code: 1
Failed to run (wine) AutoIT.. Exit code: 1

[I] If you have any errors running Veil, run: './Veil.py --setup' and select the nuke the wine folder option

[I] Done

root@kali:~/Veil# ./Veil.py --setup

[!] ERROR #2-3: Can't find the WINE profile for Python v3.4 (/var/lib/veil/wine//drive_c/Python34/python.exe). Run: /root/Veil/config/setup.sh --force --silent

closed time in a month

aswingreeshmam

issue comment Veil-Framework/Veil

installation failed [ERROR] Failed with git clone: 0

I'm going to lock this issue. If you receive this, first, please try on a clean Kali system. As of the time of this post, I tested on a clean Kali, I cloned the repo down and installed via the setup script instead of using apt and everything installed successfully.

formessingup

comment created time in a month

issue comment Veil-Framework/Veil

The imp package deprecation in favor of importlib.

closing since this is merged!

seb1055

comment created time in a month

issue closed Veil-Framework/Veil

Options no assigning

Veil options are not selecting when I select the 1 the option the options are not selecting and the options don't have any numbering and selection content

closed time in a month

A2hari

issue closed Veil-Framework/Veil

Powershell code don't work with msf

Veil version

3.1.12

OS Used - all info (architecture, linux flavor, etc)

kali linux

How did you install Veil? (Apt, Clone from Github, etc.)

apt

Did you run the setup script?

yes

Pastebin link to error you are encountering (include console actions you took prior to error)

msfconsole: https://pastebin.com/YDkbcPfa
script: https://pastebin.com/P7R4huNv

Expected behavior

The script doesn't work, I don't have any feedback on msf. All other scripts work except powershells

Any additional info you want to tell me

closed time in a month

jcardonne

issue closed Veil-Framework/Veil

[Request] Add nim language for payloads

Veil version

3.1.12

OS Used - all info (architecture, linux flavor, etc)

Parrot Security Edition 4.7

How did you install Veil? (Apt, Clone from Github, etc.)

apt

Reasons

I played with nim language and I think the language is very awesome for payload generation:

  • Support cross compile perfectly: We just have to install nim compiler in Linux and run nim c -d:mingw --cpu:amd64 revshell.nim for windows binaries (use flag --cpu:i386 for 32 bit platform). It uses mingw as the compiler. I got no error when I compiled it.
  • Very small binary file: I created a simple reverse shell script in nim and it is only 528Kb for windows PE, 236Kb for Linux ELF. The output payload of meterpreter should be small as well
  • Can use C code (from home page) so I think you can call native C code to make meterpreter. Nim syntax is simple like Python so making template payload should be fast.
  • Nim compiler is supported by Debian

closed time in a month

dmknght

issue closed Veil-Framework/Veil

Pip3 Not found

Veil version

#3

OS Used - all info (architecture, linux flavor, etc)

Ubuntu 18.04 x86

How did you install Veil? (Apt, Clone from Github, etc.)

Github

Did you run the setup script?

Yup

Pastebin link to error you are encountering (include console actions you took prior to error)

Pip3 unable to be found or installed

Expected behavior

Runs fine so far but the pip3 thing

Any additional info you want to tell me

I have python 3-pip but not pip3. What issues should I expect from this.

closed time in a month

SnXe

issue closed Veil-Framework/Veil

ImportError: No module named 'past'

Veil | [Version]: 3.1.12

Kali linux

Installed using: apt

Setup script automatically ran

Error: https://pastebin.com/raw/eKzshLgE

This happened when I chose payload #26 and tried to compile it to EXE

closed time in a month

sxplitfirex

issue comment Veil-Framework/Veil

ImportError: No module named 'past'

I just used the latest version of Veil on the latest version of Kali. Please try using a clean VM and you shouldn't have an issue. Also please do not install via apt, please install via github cloning and installing.

sxplitfirex

comment created time in a month

issue closed Veil-Framework/Veil

Error running ./Veil

===============================================================================
                               Veil-Evasion

  [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework

===============================================================================

Payload Information:

Name:		Python AES Encryption
Language:	python
Rating:		Excellent
Description:    AES Encrypted shellcode is decrypted at runtime
                with key in file, injected into memory, and
                executed

Payload: python/shellcode_inject/aes_encrypt selected

Required Options:

Name            Value    Description
CLICKTRACK      X        Optional: Minimum number of clicks to execute payload
COMPILE_TO_EXE  Y        Compile to an executable
CURSORMOVEMENT  FALSE    Check if cursor is in same position after 30 seconds
DETECTDEBUG     FALSE    Check if debugger is present
DOMAIN          X        Optional: Required internal domain
EXPIRE_PAYLOAD  X        Optional: Payloads expire after "Y" days
HOSTNAME        X        Optional: Required system hostname
INJECT_METHOD   Virtual  Virtual, Void, or Heap
MINRAM          FALSE    Check for at least 3 gigs of RAM
PROCESSORS      X        Optional: Minimum number of processors
SANDBOXPROCESS  FALSE    Check for common sandbox processes
SLEEP           X        Optional: Sleep "Y" seconds, check if accelerated
USERNAME        X        Optional: The required user account
USERPROMPT      FALSE    Make user click prompt prior to execution
USE_PYHERION    N        Use the pyherion encrypter
UTCCHECK        FALSE    Optional: Validates system does not use UTC timezone
VIRTUALDLLS     FALSE    Check for dlls loaded in memory
VIRTUALFILES    FALSE    Optional: Check if VM supporting files exist

Available Commands:

back        	Go back to Veil-Evasion
exit        	Completely exit Veil
generate    	Generate the payload
options     	Show the shellcode's options
set         	Set shellcode option

[?] Generate or supply custom shellcode?

 1 - Ordnance (default)
 2 - MSFVenom
 3 - Custom shellcode string
 4 - File with shellcode (\x41\x42..)
 5 - Binary file with shellcode

[>] Please enter the number of your choice: 2

[] Press [enter] for windows/meterpreter/reverse_tcp
[] Press [tab] to list available payloads
[>] Please enter metasploit payload:
[>] Enter value for 'LHOST', [tab] for local IP:
[>] Enter value for 'LPORT': 2345
[>] Enter any extra msfvenom options (syntax: OPTION1=value1 or -OPTION2=value2):

[*] Generating shellcode using msfvenom...
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 341 bytes
Final size of c file: 1457 bytes
Traceback (most recent call last):
  File "./Veil.py", line 145, in <module>
    the_conductor.main_menu()
  File "/usr/share/veil/lib/common/orchestra.py", line 127, in main_menu
    tool_object.tool_main_menu()
  File "tools/evasion/tool.py", line 368, in tool_main_menu
    self.use_payload(selected_payload_module)
  File "tools/evasion/tool.py", line 400, in use_payload
    selected_payload.generate()
  File "tools/evasion/payloads/python/shellcode_inject/aes_encrypt.py", line 89, in generate
    encoded_ciphertext, encryption_key, iv_value = encryption.aes_encryption(Shellcode)
  File "/usr/share/veil/tools/evasion/evasion_common/encryption.py", line 21, in aes_encryption
    aes_cipher_object = AES.new(random_aes_key, AES.MODE_CBC, iv)
  File "/usr/local/lib/python3.7/dist-packages/Crypto/Cipher/AES.py", line 232, in new
    return _create_cipher(sys.modules[__name__], key, mode, *args, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/Crypto/Cipher/__init__.py", line 79, in _create_cipher
    return modes[mode](factory, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/Crypto/Cipher/_mode_cbc.py", line 274, in _create_cbc_cipher
    cipher_state = factory._create_base_cipher(kwargs)
  File "/usr/local/lib/python3.7/dist-packages/Crypto/Cipher/AES.py", line 103, in _create_base_cipher
    result = start_operation(c_uint8_ptr(key),
  File "/usr/local/lib/python3.7/dist-packages/Crypto/Util/_raw_api.py", line 238, in c_uint8_ptr
    raise TypeError("Object type %s cannot be passed to C code" % type(data))
TypeError: Object type <class 'str'> cannot be passed to C code

Veil version - 3.1.13

OS Used - Linux kali 5.2.0-kali2-amd64

How did you install Veil? - Clone from Github

Did you run the setup script? Yes

Expected behavior:

[>] Please enter the base name for output files (default is payload): teste12

                               Veil-Evasion

===============================================================================
  [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework

[?] How would you like to create your payload executable?

 1 - PyInstaller (default)
 2 - Py2Exe

[>] Please enter the number of your choice: 1

Any additional info you want to tell me: Other payloads are working perfectly

closed time in a month

Kvothe123

issue comment Veil-Framework/Veil

Error running ./Veil

I just installed Veil on the latest version of Kali and ran the exact commands you ran and it generated a payload without an issue. Can you try again please and re-open the issue if there are still problems?

Kvothe123

comment created time in a month

issue closed Veil-Framework/Veil

Error in Wine Installation

Veil version

OS Used - all info (architecture, linux flavor, etc)

Kali Linux 2020

How did you install Veil? (Apt, Clone from Github, etc.)

Clone from Github

Did you run the setup script?

yes

Pastebin link to error you are encountering (include console actions you took prior to error)

https://pastebin.com/Z4bje9sC

Expected behavior

To install Veil

Any additional info you want to tell me

It always keeps asking to enter the location of PyInstaller

closed time in a month

savageandlost21

issue commentVeil-Framework/Veil

Error in Wine Installation

I just confirmed that the install works. I just downloaded a clean version of Kali and installed Veil on it without an issue. If you can provide additional details on how to recreate this, I would be happy to look into it.

savageandlost21

comment created time in a month

issue closedVeil-Framework/Veil

Failed to install (Wine) Ruby.exe... Exit code: 1 Failed to run (wine) Ruby OCRA.. Exit code: 49

Veil version

latest

OS Used - all info (architecture, linux flavor, etc)

Kali 2020 amd64 inside virtual box 6.1 and qemu/kvm

How did you install Veil? (Apt, Clone from Github, etc.)

Both ways: Apt and clone from Github

Did you run the setup script?

Yes, as per instructions

Pastebin link to error you are encountering (include console actions you took prior to error)

[*] Installing (Wine) Ruby & dependencies

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

0009:err:winediag:nodrv_CreateWindow Application tried to create a window, but no driver could be loaded.
0009:err:winediag:nodrv_CreateWindow Make sure that your X server is running and that $DISPLAY is set correctly.
002c:err:winediag:nodrv_CreateWindow Application tried to create a window, but no driver could be loaded.
002c:err:winediag:nodrv_CreateWindow Make sure that your X server is running and that $DISPLAY is set correctly.
[ERROR] Failed to install (Wine) Ruby.exe... Exit code: 1

[*] Installing (Wine) Ruby OCRA gem...

Z:\var\lib\veil\setup-dependencies>Z:\var\lib\veil\wine\drive_c\Ruby187\bin\gem install --force --local ocra-1.3.6.gem
Can't recognize 'Z:\var\lib\veil\wine\drive_c\Ruby187\bin\gem install --force --local ocra-1.3.6.gem' as an internal or external command, or batch script.
[ERROR] Failed to run (wine) Ruby OCRA.. Exit code: 49

[ERROR] There was issues installing the following:

Failed to install (Wine) Ruby.exe... Exit code: 1
Failed to run (wine) Ruby OCRA.. Exit code: 49

Expected behavior

no errors????

Any additional info you want to tell me

In qemu/kvm there are no errors; in VirtualBox 6.1 the above errors appear

kali 2020 clean install

closed time in a month

cptcharis

issue commentVeil-Framework/Veil

Failed to install (Wine) Ruby.exe... Exit code: 1 Failed to run (wine) Ruby OCRA.. Exit code: 49

Please try installing on the latest version of Kali in a clean VM, and use the command provided in the Readme. I just verified that it works without an issue.

If you still encounter a problem, feel free to re-open this

cptcharis

comment created time in a month

issue closedVeil-Framework/Veil

NoDistribute along with many other sites says PAYLOAD is empty file or uploading error. But only AntiScan could successfully scan it with almost all antiviruses able to detect it.

Veil version

Veil 3.1.X

OS Used - all info (architecture, linux flavor, etc)

Kali linux within VirtualBox, x64 os architecture

How did you install Veil? (Apt, Clone from Github, etc.)

Clone from Github

Did you run the setup script?

Yes

Pastebin link to error you are encountering (include console actions you took prior to error)

Expected behavior

Any additional info you want to tell me

closed time in a month

samarth19

issue commentVeil-Framework/Veil

NoDistribute along with many other sites says PAYLOAD is empty file or uploading error. But only AntiScan could successfully scan it with almost all antiviruses able to detect it.

Please modify the default templates. Veil can't stay completely undetected with default configs forever.

samarth19

comment created time in a month

issue commentVeil-Framework/Veil

setup install problem in kali

I can't tell what the issue is if you don't provide any of the basic info we request. Please try on a clean kali and clone from git, I just verified it is working as of the time of this comment.

choudhary805

comment created time in a month

issue closedVeil-Framework/Veil

setup install problem in kali

[ERROR] Failed to run (wine) AutoIT.. Exit code: 1

[ERROR] There was issues installing the following:

Failed with installing dependencies (1): 0
Failed with installing wine (2): 0
Veil Wine environment could not be found!
Check for existence of /var/lib/veil/wine/drive_c
Failed to install (Wine) Python 3.4.4... Exit code: 1
Failed to run (wine) Python pip... Exit code: 1
Failed to run (wine) Python pip future... Exit code: 1
Failed to run (wine) Python pip pefile... Exit code: 1
Failed to install (Wine) Ruby.exe... Exit code: 1
Failed to run (wine) Ruby OCRA.. Exit code: 1
Failed to run (wine) AutoIT.. Exit code: 1

closed time in a month

choudhary805

issue commentVeil-Framework/Veil

Unable to Install

Can you try on a clean kali install, and only install by cloning from this repo and not from apt? I just tested the latest version of Kali and it installed successfully.

If you are still running into issues, feel free to comment and re-open this issue

OL-PenTester

comment created time in a month

issue closedVeil-Framework/Veil

Unable to Install

Veil version

Veil 3.1

OS Used - all info (architecture, linux flavor, etc)

Kali Linux 2019.4 x86_64 Gnome

How did you install Veil? (Apt, Clone from Github, etc.)

Tried once through apt and once through Github clone

Did you run the setup script?

Yes

Pastebin link to error you are encountering (include console actions you took prior to error)

https://pastebin.com/52ek1Ruv

Expected behavior

Any additional info you want to tell me

I cannot install wine32 on Kali 2019.4

closed time in a month

OL-PenTester

issue closedVeil-Framework/Veil

architecture aarch64 not supported

Veil 3.1x

OS Used - architecture aarch64, kali linux

How did you install Veil? (Clone from Github)

Did you run the setup script? yes

Why is Veil not supported on Raspberry Pi 4?

closed time in a month

athul4554

issue commentVeil-Framework/Veil

architecture aarch64 not supported

We can't control the packages that Veil uses if they support that.

athul4554

comment created time in a month

issue closedVeil-Framework/Veil

Can't Install Veil

Veil version - Latest

OS Used - all info (architecture, linux flavor, etc)

Kali Linux 2020.1

How did you install Veil? (Apt, Clone from Github, etc.)

apt-get install veil

Did you run the setup script?

Yes, after it asked me to do in the error message. ERROR #2-3: Can't find Go (/var/lib/veil/go/). Run: /usr/share/veil/config/setup.sh --force --silent

Pastebin link to error you are encountering (include console actions you took prior to error)

Expected behavior

Should have installed it because I had veil before on the same system. I just reinstalled Kali and it's not working now.

Any additional info you want to tell me

Here's a screenshot of the last error message.


closed time in a month

KedarJoshi11

issue commentVeil-Framework/Veil

Can't Install Veil

Can you try installing on a clean system, and cloning and installing from git (instead of installing from apt)? I just tested on a clean Kali image and it installed without any issues.

If you still are encountering problems, feel free to re-open this issue and/or comment in this.

KedarJoshi11

comment created time in a month

issue closedVeil-Framework/Veil

installation error

Veil Evasion version :2.28.2

OS Used - kali linux 2020

I downloaded the file from https://github.com/Veil-Framework/Veil-Evasion.git by using the command: git clone https://github.com/Veil-Framework/Veil-Evasion.git. I had a lot of issues but solved many of those, but right now I wasn't able to solve this one issue. Here are the details:

awk: fatal: invalid regexp: Invalid range end: /[:-.]/

E: No packages found

./setup.sh: line 546: [: : integer expression expected

Reading package lists... Done

Building dependency tree

Reading state information... Done

E: Unable to locate package gccgo-5

update-alternatives: error: no alternatives for go

[*] Installing Go x86_64 (via TAR)

[*] Setttings already detected... Skipping...

There was issues installing the following:

Failed to install dependencies... Exit code: 100

[I] If you have any errors running Veil-Evasion, delete the Veil Wine profile ('rm -rf /root/.config/wine/veil') and re-run: '/root/Veil-Evasion/setup/setup.sh -c'

[I] Done!

can you guys help me with it?

closed time in a month

jhonparker

issue commentVeil-Framework/Veil

installation error

You are cloning the wrong repo. Please clone the Veil repo, you're literally in that repo right now when you made this issue.

jhonparker

comment created time in a month

issue closedVeil-Framework/Veil

cant find wine profile..

Veil version

kali 2020.1

OS Used - all info (architecture, linux flavor, etc)

kali linux

How did you install Veil? (Apt, Clone from Github, etc.)

git clone

Did you run the setup script?

s

Pastebin link to error you are encountering (include console actions you took prior to error)

[I] Kali Linux 2020.2 x86_64 detected...

[I] Silent Mode: Enabled
[I] Force Mode: Enabled

[?] Are you sure you wish to install Veil?

 Continue with installation? ([y]es/[s]ilent/[N]o): S

[*] Initializing package installation

[*] Installing dependencies

[*] Updating APT

Reading package lists... Done
Building dependency tree
Reading state information... Done
git is already the newest version (1:2.26.2-1).
ruby is already the newest version (1:2.7+1).
ruby set to manually installed.
sudo is already the newest version (1.9.0-1).
sudo set to manually installed.
unzip is already the newest version (6.0-25).
unzip set to manually installed.
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
libc6-dev : Breaks: libgcc-9-dev (< 9.3.0-5~) but 9.2.1-22 is to be installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
[ERROR] Failed with installing dependencies (1): 0

[*] Installing Python's pycrypto (via apt)...

Reading package lists... Done
Building dependency tree
Reading state information... Done
python3-crypto is already the newest version (2.6.1-13).
The following packages were automatically installed and are no longer required:
libcroco3 python-backports.functools-lru-cache python-bs4 python-dnspython python-html5lib python-lxml python-netaddr python-soupsieve python-webencodings ruby2.5
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 210 not upgraded.
Reading package lists... Done
Building dependency tree
Reading state information... Done
metasploit-framework is already the newest version (5.0.92-0kali1).
The following packages were automatically installed and are no longer required:
libcroco3 python-backports.functools-lru-cache python-bs4 python-dnspython python-html5lib python-lxml python-netaddr python-soupsieve python-webencodings ruby2.5
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 210 not upgraded.

[*] Pulling down binary dependencies

rm: cannot remove '/var/lib/veil/setup-dependencies/go1.7.5.linux-amd64.tar.gz': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/ruby_gems-1.8.zip': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/pycrypto-2.6.1.win32-py3.4.exe': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/autoit-v3-setup.exe': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/ocra-1.3.6.gem': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/PyInstaller-3.2.1.tar': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/rubyinstaller-1.8.7-p371.exe': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/python-3.4.4.msi': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/logs/HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/logs/refs/heads/master': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/logs/refs/remotes/origin/HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/ORIG_HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/prepare-commit-msg.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-merge-commit.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-rebase.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/commit-msg.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-receive.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-applypatch.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/applypatch-msg.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-push.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/post-update.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/pre-commit.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/update.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/hooks/fsmonitor-watchman.sample': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/packed-refs': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/branches': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/index': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/config': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/info/exclude': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/refs/heads/master': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/refs/tags': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/refs/remotes/origin/HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/objects/info': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/objects/pack/pack-849d98a1c603ce301177f1d984b24fb76c1faa9a.pack': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/objects/pack/pack-849d98a1c603ce301177f1d984b24fb76c1faa9a.idx': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/.git/FETCH_HEAD': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/go1.7.5.linux-386.tar.gz': Permission denied
rm: cannot remove '/var/lib/veil/setup-dependencies/pywin32-220.win32-py3.4.exe': Permission denied
[*] Already detected folder: /var/lib/veil/setup-dependencies

[*] Trying to git pull

Already up to date.

[*] Installing Wine

[*] Already have x86 architecture added...

[*] Installing Wine 32-bit and 64-bit binaries (via APT)

E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
[ERROR] Failed with installing wine (2): 0

[*] Creating new Veil Wine environment in: /var/lib/veil/wine

[*] Initializing Veil's Wine environment...

sudo: wine: command not found
[ERROR] Veil Wine environment could not be found!

[ERROR] Check for existence of /var/lib/veil/wine/drive_c

[*] Finished package installation

[*] Initializing (OS + Wine) Python dependencies installation...

[*] Installing (Wine) Python...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

sudo: wine: command not found
[ERROR] Failed to install (Wine) Python 3.4.4... Exit code: 1

[*] Installing (Wine) Python dependencies...

[*] Installing (Wine) Python's pywin32-220.win32-py3.4.exe...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

warning [pywin32-220.win32-py3.4.exe]: 192288 extra bytes at beginning or within zipfile (attempting to process anyway)
cp: target '/var/lib/veil/wine/drive_c/Python34/Lib/site-packages/' is not a directory
cp: target '/var/lib/veil/wine/drive_c/Python34/Scripts/' is not a directory
sudo: wine: command not found

[*] Installing (Wine) Python's pycrypto-2.6.1.win32-py3.4.exe...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

warning [pycrypto-2.6.1.win32-py3.4.exe]: 191515 extra bytes at beginning or within zipfile (attempting to process anyway)
cp: target '/var/lib/veil/wine/drive_c/Python34/Lib/site-packages/' is not a directory

[*] Installing (OS) Python's PyInstaller (via TAR)

[*] Installing (Wine) Python's PIP pefile

sudo: wine: command not found
[ERROR] Failed to run (wine) Python pip... Exit code: 1

sudo: wine: command not found
[ERROR] Failed to run (wine) Python pip future... Exit code: 1

sudo: wine: command not found
[ERROR] Failed to run (wine) Python pip pefile... Exit code: 1

[*] Finished (Wine + OS) Python dependencies installation

[*] Initializing (Wine) Ruby installation...

[*] Installing (Wine) Ruby & dependencies

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

mkdir: cannot create directory ‘/var/lib/veil/wine’: Permission denied
sudo: wine: command not found
[ERROR] Failed to install (Wine) Ruby.exe... Exit code: 1

[*] Installing (Wine) Ruby OCRA gem...

sudo: wine: command not found
[ERROR] Failed to run (wine) Ruby OCRA.. Exit code: 1

[*] Extracting (Wine) Ruby dependencies...

checkdir: cannot create extraction directory: /var/lib/veil/wine/drive_c/Ruby187/lib/ruby/gems/1.8 No such file or directory

[*] Finished Ruby installation

[*] Initializing Go installation...

[*] Installing Go x86_64 (via TAR)

[*] Finished Go installation

[*] Initializing AutoIT installation...

[*] Installing (Wine) AutoIT

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

sudo: wine: command not found
[ERROR] Failed to run (wine) AutoIT.. Exit code: 1

[*] Finished AutoIT installation

[*] Updating Veil configuration...

[i] Can't find WINE profile? Run: /home/kali/Desktop/Veil/config/config/setup.sh --force --silent
[>] Please enter the directory of Veil's WINE profile (e.g. /var/lib/veil/wine/):

Expected behavior

Any additional info you want to tell me

closed time in a month

jamie268622

issue commentVeil-Framework/Veil

cant find wine profile..

There shouldn't be an issue from the installer script. I just verified this by downloading a clean version of Kali (latest build as of this writing) and Veil installed successfully. The only modification was uncommenting the deb-src repo.

jamie268622

comment created time in a month

issue closedVeil-Framework/Veil

Failed with installing Wine

Forget about using it, it is not even installing...

1st, Sign of Error
The following packages have unmet dependencies:
libc6-dev : Breaks: libgcc-8-dev (< 8.4.0-2~) but 8.3.0-26 is to be installed
Breaks: libgcc-9-dev (< 9.3.0-5~) but 9.2.1-22 is to be installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
[ERROR] Failed with installing dependencies (1): 0
. . . after many lines...
2nd, Error starts from here
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
[ERROR] Failed with installing wine (2): 0

and it keeps on happening with Python, Ruby and whatever the hell there is.

closed time in a month

cipher135

issue commentVeil-Framework/Veil

Failed with installing Wine

Without providing any information at all about your system, it's not possible to troubleshoot this.

There shouldn't be an issue from the installer script. I just verified this by downloading a clean version of Kali (latest build as of this writing) and Veil installed successfully. The only modification was uncommenting the deb-src repo.

cipher135

comment created time in a month

issue closedVeil-Framework/Veil

Wine is not owned by you

Veil version

3.1.14

OS Used - all info (architecture, linux flavor, etc)

Kali linux 2020.2 kernel: Linux kali 5.6.0-kali2-amd64 #1 SMP Debian 5.6.14-1kali1 (2020-05-25) x86_64 GNU/Linux

How did you install Veil? (Apt, Clone from Github, etc.)

sudo apt install veil

Did you run the setup script?

yes

Pastebin link to error you are encountering (include console actions you took prior to error)

[python/meterpreter/rev_tcp>>]: generate
===============================================================================
                                   Veil-Evasion
===============================================================================
      [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================

 [>] Please enter the base name for output files (default is payload): 
===============================================================================
                                   Veil-Evasion
===============================================================================
      [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================

 [?] How would you like to create your payload executable?

     1 - PyInstaller (default)
     2 - Py2Exe

 [>] Please enter the number of your choice: 
wine: /var/lib/veil/wine is not owned by you
===============================================================================
                                   Veil-Evasion
===============================================================================
      [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================

 [!] ERROR: Unable to create output file.
 [*] Source code written to: /var/lib/veil/output/source/payload.py
 [*] Metasploit Resource file written to: /var/lib/veil/output/handlers/payload.rc

Expected behavior

Any additional info you want to tell me

The main error is: wine: /var/lib/veil/wine is not owned by you. Also, I ran the command chown kali /var/lib/veil/wine but nothing happened.

closed time in a month

darklight-oss

issue commentVeil-Framework/Veil

Wine is not owned by you

You will need to change ownership of that directory so you (your account you use) owns it. This shouldn't be an issue from the installer script. I just verified this by downloading a clean version of Kali (latest build as of this writing) and Veil installed successfully. The only modification was uncommenting the deb-src repo.

darklight-oss

comment created time in a month

startedFlameOfIgnis/Pwdb-Public

started time in a month


created tagFortyNorthSecurity/EyeWitness

tagv20200616.1

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

created time in 2 months

release FortyNorthSecurity/EyeWitness

v20200616.1

released time in 2 months

push eventFortyNorthSecurity/EyeWitness

Christopher Truncer

commit sha e660023b4814065af140c00f4b604b18b7f7cc8a

Updated homer dates


push time in 2 months

issue commentFortyNorthSecurity/C2concealer

Powershell HTTPS reverse shell Exception

We haven't run into an issue with reverse https stagers, as of yet. Unfortunately, we don't have enough information based on your report to recreate the issue. Can you paste the actual (and full) PowerShell error that you are receiving vs only part of it? Can you try running the stager command manually on the command line and post the error?

djerrystyle

comment created time in 2 months

pull request commentVeil-Framework/Veil

xrange() was removed from Python on 1/1/2020

looks good to me, thanks!

cclauss

comment created time in 2 months

push eventVeil-Framework/Veil

Christian Clauss

commit sha 4aa979e7b60ad98686160f51e1462de757b4d391

xrange() was removed from Python on 1/1/2020


ChrisTruncer

commit sha e33da376ea313735cf2430b6e7314acffbf1cdda

Merge pull request #368 from cclauss/patch-1 xrange() was removed from Python on 1/1/2020


push time in 2 months

issue closedVeil-Framework/Veil

Can't find WINE profile?

ike@kali:~/Desktop/Veil$ ls
CHANGELOG config init.py lib LICENSE README.md tools Veil.py
mike@kali:~/Desktop/Veil$ cd config
mike@kali:~/Desktop/Veil/config$ ls
setup.sh update-config.py
mike@kali:~/Desktop/Veil/config$ ./config/update-config.py --force --silent
bash: ./config/update-config.py: No such file or directory
mike@kali:~/Desktop/Veil/config$ ../
bash: ../: Is a directory
mike@kali:~/Desktop/Veil/config$ cd -
/home/mike/Desktop/Veil
mike@kali:~/Desktop/Veil$ ./config/update-config.py --force --silent

[!] ERROR: Not root. Requesting...

[sudo] password for mike:

[i] Can't find WINE profile? Run: /home/mike/Desktop/Veil/config/setup.sh --force --silent
[>] Please enter the directory of Veil's WINE profile (e.g. /var/lib/veil/wine/):

closed time in 2 months

wenirex129

issue commentVeil-Framework/Veil

Can't find WINE profile?

please follow the readme

wenirex129

comment created time in 2 months

startedbats3c/shad0w

started time in 2 months

issue commentFortyNorthSecurity/EyeWitness

Sometime This Error Happen

I don't have that database file. If you could please provide the URLs that you were scanning then we can look to see if we can re-create a bug.

badr-azeez

comment created time in 2 months

issue commentFortyNorthSecurity/EyeWitness

Sometime This Error Happen

Can you provide additional information (like what was requested when you create the issue)? Can you provide the URL(s) that you were scanning?

badr-azeez

comment created time in 2 months

issue commentFortyNorthSecurity/EXCELntDonut

64Bit Macro Crashing Excel

Thanks for posting, just so you guys know @joeleonjr is looking into this, thanks for sample POCs too which you guys can share as not working so it's easier for us to re-create

rvrsh3ll

comment created time in 2 months

startedRythmStick/AMSITrigger

started time in 2 months

issue commentmicrosoft/vscode-azurefunctions

Outputted HTTP Trigger URL Incorrect When Specifying RoutePrefix

Correct, this was with a Python project

ChrisTruncer

comment created time in 2 months

issue openedmicrosoft/vscode-azurefunctions

Outputted HTTP Trigger URL Incorrect When Specifying RoutePrefix

Hi there,

I'm not sure if this is a bug in the Azure Functions Plugin, or within VS Code itself, but figured I would start here. I am using VSCode to deploy a function with the Azure Functions plugin. The deployment works without any issues, however the HTTP Trigger URL is incorrect when specifying a route prefix.

Regardless of the route prefix specified in the host.json file, the output when the Azure Functions plugin runs always shows "api" as the route prefix.


However, within the Azure Portal, the correct HTTPTrigger URL is shown.


created time in 2 months

issue closedVeil-Framework/Veil

Wine Installation problem

Veil version

Veil 3.1.X

OS Used - all info (architecture, linux flavor, etc)

Linux on VirtualBox

How did you install Veil? (Apt, Clone from Github, etc.)

  • cd /opt
  • git clone https://github.com/Veil-Framework/Veil.git
  • cd Veil
  • cd config
  • ./setup.sh --silent --force

Did you run the setup script?

Yes. Multiple times

Pastebin link to error you are encountering (include console actions you took prior to error)

https://github.com/Veil-Framework/Veil.git

Expected behavior

  • cd /opt
  • git clone https://github.com/Veil-Framework/Veil.git
  • cd Veil
  • cd config
  • ./setup.sh --silent --force

root@kali:~# cd /opt

root@kali:/opt# git clone https://github.com/Veil-Framework/Veil.git

fatal: destination path 'Veil' already exists and is not an empty directory.

root@kali:/opt# cd Veil/config

root@kali:/opt/Veil/config# ./setup.sh --silent --force

==========================================================================

             Veil (Setup Script) | [Updated]: 2018-05-08

==========================================================================

 [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework

==========================================================================

             os = kali

      osversion = 2020.1

   osmajversion = 2020

           arch = x86_64

       trueuser = root

userprimarygroup = root

    userhomedir = /root

        rootdir = /opt/Veil

        veildir = /var/lib/veil

      outputdir = /var/lib/veil/output

dependenciesdir = /var/lib/veil/setup-dependencies

        winedir = /var/lib/veil/wine

      winedrive = /var/lib/veil/wine/drive_c

        gempath = Z:\var\lib\veil\wine\drive_c\Ruby187\bin\gem

[I] Kali Linux 2020.1 x86_64 detected...

[I] Silent Mode: Enabled

[I] Force Mode: Enabled

[?] Are you sure you wish to install Veil?

 Continue with installation? ([y]es/[s]ilent/[N]o): S

[*] Initializing package installation

[*] Installing dependencies

[*] Updating APT

W: GPG error: https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/Debian_10 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DFA175A75104960E

E: The repository 'https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/Debian_10 ./ InRelease' is not signed.

[ERROR] Failed with apt-get update (1): 0

Reading package lists... Done

Building dependency tree

Reading state information... Done

git is already the newest version (1:2.26.2-1).

ruby is already the newest version (1:2.7+1).

ruby set to manually installed.

unzip is already the newest version (6.0-25).

unzip set to manually installed.

Some packages could not be installed. This may mean that you have

requested an impossible situation or if you are using the unstable

distribution that some required packages have not yet been created

or been moved out of Incoming.

The following information may help to resolve the situation:

The following packages have unmet dependencies:

libc6-dev : Breaks: libgcc-8-dev (< 8.4.0-2~) but 8.3.0-26 is to be installed

         Breaks: python3.7 (< 3.7.7-1+b1) but 3.7.6-1 is to be installed

E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.

[ERROR] Failed with installing dependencies (1): 0

[*] Installing Python's pycrypto (via apt)...

Reading package lists... Done

Building dependency tree

Reading state information... Done

python3-crypto is already the newest version (2.6.1-13).

The following package was automatically installed and is no longer required:

ruby2.5

Use 'sudo apt autoremove' to remove it.

0 upgraded, 0 newly installed, 0 to remove and 1299 not upgraded.

Reading package lists... Done

Building dependency tree

Reading state information... Done

metasploit-framework is already the newest version (5.0.89-0kali1).

The following package was automatically installed and is no longer required:

ruby2.5

Use 'sudo apt autoremove' to remove it.

0 upgraded, 0 newly installed, 0 to remove and 1299 not upgraded.

[*] Pulling down binary dependencies

[*] Empty folder... git cloning

Cloning into '/var/lib/veil/setup-dependencies'...

remote: Enumerating objects: 12, done.

remote: Total 12 (delta 0), reused 0 (delta 0), pack-reused 12

Receiving objects: 100% (12/12), 207.29 MiB | 47.00 KiB/s, done.

[*] Installing Wine

[*] Already have x86 architecture added...

[*] Installing Wine 32-bit and 64-bit binaries (via APT)

E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.

[ERROR] Failed with installing wine (2): 0

[*] [ALERT]: Existing Veil Wine environment detected at: /var/lib/veil/wine

 Do you want to nuke it? ([y]es/[N]o): Y

[*] Deleting existing Veil Wine environment...

[*] Creating new Veil Wine environment in: /var/lib/veil/wine

[*] Initializing Veil's Wine environment...

sudo: wine: command not found

[ERROR] Veil Wine environment could not be found!

[ERROR] Check for existence of /var/lib/veil/wine/drive_c

[*] Finished package installation

[*] Initializing (OS + Wine) Python dependencies installation...

[*] Installing (Wine) Python...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

sudo: wine: command not found

[ERROR] Failed to install (Wine) Python 3.4.4... Exit code: 1

[*] Installing (Wine) Python dependencies...

[*] Installing (Wine) Python's pywin32-220.win32-py3.4.exe...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

warning [pywin32-220.win32-py3.4.exe]: 192288 extra bytes at beginning or within zipfile

(attempting to process anyway)

cp: target '/var/lib/veil/wine/drive_c/Python34/Lib/site-packages/' is not a directory

cp: target '/var/lib/veil/wine/drive_c/Python34/Scripts/' is not a directory

sudo: wine: command not found

[*] Installing (Wine) Python's pycrypto-2.6.1.win32-py3.4.exe...

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

warning [pycrypto-2.6.1.win32-py3.4.exe]: 191515 extra bytes at beginning or within zipfile

(attempting to process anyway)

cp: target '/var/lib/veil/wine/drive_c/Python34/Lib/site-packages/' is not a directory

[*] Installing (OS) Python's PyInstaller (via TAR)

[*] Installing (Wine) Python's PIP pefile

sudo: wine: command not found

[ERROR] Failed to run (wine) Python pip... Exit code: 1

sudo: wine: command not found

[ERROR] Failed to run (wine) Python pip future... Exit code: 1

sudo: wine: command not found

[ERROR] Failed to run (wine) Python pip pefile... Exit code: 1

[*] Finished (Wine + OS) Python dependencies installation

[*] Initializing (Wine) Ruby installation...

[*] Installing (Wine) Ruby & dependencies

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

sudo: wine: command not found

[ERROR] Failed to install (Wine) Ruby.exe... Exit code: 1

[*] Installing (Wine) Ruby OCRA gem...

sudo: wine: command not found

[ERROR] Failed to run (wine) Ruby OCRA.. Exit code: 1

[*] Extracting (Wine) Ruby dependencies...

[*] Finished Ruby installation

[*] Initializing Go installation...

[*] Installing Go x86_64 (via TAR)

[*] Finished Go installation

[*] Initializing AutoIT installation...

[*] Installing (Wine) AutoIT

[*] Next -> Next -> Next -> Finished! ...Overwrite if prompt (use default values)

sudo: wine: command not found

[ERROR] Failed to run (wine) AutoIT.. Exit code: 1

[*] Finished AutoIT installation

[*] Updating Veil configuration...

[*] Detected current Veil settings. Removing...

Veil Configuration:

[*] OPERATING_SYSTEM = Kali

[*] TERMINAL_CLEAR = false

[*] VEIL_PATH = /opt/Veil/

[*] WINEPREFIX = /var/lib/veil/wine/

[*] TEMP_PATH = /tmp/

[*] METASPLOIT_PATH = /usr/share/metasploit-framework/

[*] MSFVENOM_PATH = /usr/bin/

[*] MSFVENOM_OPTIONS =

[*] PYINSTALLER_PATH = /var/lib/veil/PyInstaller-3.2.1/

[*] GOLANG_PATH = /var/lib/veil/go/

Veil-Evasion Configuration:

[*] PAYLOAD_SOURCE_PATH = /var/lib/veil/output/source/

[*] PAYLOAD_COMPILED_PATH = /var/lib/veil/output/compiled/

[*] HANDLER_PATH = /var/lib/veil/output/handlers/

[*] HASH_LIST = /var/lib/veil/output/hashes.txt

[I] Path '/etc/veil/' Created

[I] Configuration File Written To: '/etc/veil/settings.py'

[*] Ensuring this account (root) owns veil output directory (/var/lib/veil/output)...

[*] Ensuring this account (root) has correct ownership of /var/lib/veil/wine

[*] Finished Veil configuration...

[*] Finished environment checks

[ERROR] There was issues installing the following:

Failed with apt-get update (1): 0

Failed with installing dependencies (1): 0

Failed with installing wine (2): 0

Veil Wine environment could not be found!

Check for existence of /var/lib/veil/wine/drive_c

Failed to install (Wine) Python 3.4.4... Exit code: 1

Failed to run (wine) Python pip... Exit code: 1

Failed to run (wine) Python pip future... Exit code: 1

Failed to run (wine) Python pip pefile... Exit code: 1

Failed to install (Wine) Ruby.exe... Exit code: 1

Failed to run (wine) Ruby OCRA.. Exit code: 1

Failed to run (wine) AutoIT.. Exit code: 1

[I] If you have any errors running Veil, run: './Veil.py --setup' and select the nuke the wine folder option

[I] Done!

Any additional info you want to tell me

Can you fix my problem veilsetup.txt

closed time in 2 months

saziburrahman

issue comment Veil-Framework/Veil

Wine Installation problem

Please fix the repos that you use

saziburrahman

comment created time in 2 months

created tag FortyNorthSecurity/MiddleOut

tag v20200519.2

A small .NET compression utility

created time in 2 months

release FortyNorthSecurity/MiddleOut

v20200519.2

released time in 2 months

PR closed Arvanaghi/CheckPlease

Fix Typo in Python -> parent_process.py

Original: os.getppid() Fixed: os.getpid()

+1 -1

3 comments

1 changed file

SynAckPwn23

pr closed time in 3 months

push event FortyNorthSecurity/C2concealer

Christopher Truncer

commit sha 97b807b0af0bc9c5bbea55e62b1b8cfead3caaf6

automatically installs and doesn't wait for prompt

push time in 3 months

issue closed Veil-Framework/Veil

Problem during Veil Framework installation

Veil version

Veil 3.1.X

OS Used

Ubuntu

How did you install Veil?

Clone from GitHub, but when I install, it asks for the GitHub username and password of this repository. How to solve it?

Did you run the setup script?

yes

closed time in 3 months

Abhranil-Manna

issue comment Veil-Framework/Veil

Problem during Veil Framework installation

Veil doesn't ask for your username and password from GitHub. Just clone the repo normally by cloning the repo path. Worst case, you can just download the repo too.

Abhranil-Manna

comment created time in 3 months

pull request comment Arvanaghi/CheckPlease

Fix Typo in Python -> parent_process.py

Hi there, I reviewed this pull request along with the original code and everything appears to be correct in its original state. The original code pulls the parent process ID (getppid()).

I just want to make sure there isn't something I am missing

SynAckPwn23

comment created time in 3 months

issue closed Veil-Framework/Veil

wine32 install error

[!] ERROR #2-3: Can't find the WINE profile for AuotIT v3 (/var/lib/veil/wine//drive_c/Program Files/AutoIt3/Aut2Exe/Aut2exe.exe). Run: /root/Veil/config/setup.sh --force --silent

I have some issue in ./setup.sh in wine32.

closed time in 3 months

tengocharly12

started leftp/VmdkReader

started time in 3 months

issue comment FortyNorthSecurity/EyeWitness

Huge geckodriver.log file

I'm not sure how you're getting it that size, but EyeWitness itself doesn't generate geckodriver.log. That will be Selenium.

We did just merge in a pull request to specify the location for the geckodriver.log file. You can just point it to /dev/null or some other location if you want to at this point.

xqd-ai

comment created time in 3 months

issue closed FortyNorthSecurity/EyeWitness

Huge geckodriver.log file

OS Used - ALL Information (architecture, linux flavor, etc.)

Kali latest

Pastebin link to error you are encountering

N/A

Expected behavior (vs. what you encountered)

Turn off geckodriver file!

Any additional information

I'm getting a very huge geckodriver.log file with every use of EyeWitness; the file size is tens of gigabytes. Is there a way to turn off this log?

closed time in 3 months

xqd-ai

created tag FortyNorthSecurity/EyeWitness

tag v20200504.1

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

created time in 3 months

release FortyNorthSecurity/EyeWitness

v20200504.1

released time in 3 months

push event FortyNorthSecurity/EyeWitness

Nicolas Beguier

commit sha 344032b0f726851d49c87b2538a18bf718888a3b

Add --selenium-log-path argument to handle Selenium geckodriver logs

ChrisTruncer

commit sha ced301aaec2e7de24eba65bcec4235987935e50d

Merge pull request #479 from nbeguier/master Add --selenium-log-path argument to handle Selenium geckodriver logs

push time in 3 months

PR merged FortyNorthSecurity/EyeWitness

Add --selenium-log-path argument to handle Selenium geckodriver logs

Feature:

  • Add --selenium-log-path in Eyewitness CLI to handle Selenium geckodriver logs. For instance, they can be redirected to /dev/null if they are unwanted.

If I didn't respect some of your code requirements, feel free to notify me.

+3 -1

0 comment

2 changed files

nbeguier

pr closed time in 3 months