no payload generated when using templaye.py

[nocomp]

hi folks,
thx a lot for this great tool, very intersting.
i am running kali 2020b and i had no issues to install and run venom framework.
one thing i ve noticed, all obfuscated payload don t work, never get a session open, and also form some of them when i want to have an exe out and not a .bat i get this error, sayin that there are no such file venom/output/dist/template.exe
here is the last payload log i ve generated, and nothing in /output
Generated key:f9bqOnSlVLWZnIszGFg3DOFcaF3Kur7vTvprFDNEEQqzeZFXXV12q6f9gGqvT7aXSkoqJZ

[☠] pyinstaller -> found!
[☠] compile template.py -> Ossl64b.exe
cp: impossible d'évaluer '/home/nocomp/tools/evasion/venom/output/dist/template.exe': Aucun fichier ou dossier de ce type
[☠] Start a multi-handler...
[☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell
[☯] Please dont test samples on virus total...

anything i should do check?
running 64b version

thank you for your time

[nocomp]

hello
same error with payload windows / 3, searching for another file
/evasion/venom/output/dist/Orevshell.exe': Aucun fichier ou dossier de ce type

[r00t-3xp10it]

I belive you have some bug on 'pyinstaller' ...
Because its pyinstaller that compiles the python 'template.py' to binary (EXE) 'Ossl64b.exe'..

[nocomp]

hi,
thxx a lot, i ll see if i can manyally install / fix this.
i keep you posted on monday.
thxx for your time

[nocomp]

hi @r00t-3xp10it hope you are doin well,
as promised i gave it a try, so first i ve installed pyinstaller:
Installed /usr/local/lib/python2.7/dist-packages/altgraph-0.17-py2.7.egg
Searching for setuptools==44.0.0
Best match: setuptools 44.0.0
Adding setuptools 44.0.0 to easy-install.pth file
Installing easy_install script to /usr/local/bin

Using /usr/lib/python2.7/dist-packages
Finished processing dependencies for PyInstaller==3.6

then i run venom.sh

then i choose 2 ; then 17

got a message sayin it use avet, clic on yes, it download avet and i can see this error:

[☠] Shellcode Generator
[➽] Chose Agent number:17
[☠] MinGw EXE compiler found ..
[x] avet obfuscator not found ..
[☠] Installing avet software ..
gcc: error: make_avet.c: Aucun fichier ou dossier de ce type
gcc: fatal error: no input files
compilation terminated.
gcc: error: sh_format.c: Aucun fichier ou dossier de ce type
gcc: fatal error: no input files
compilation terminated.
[✔] Done installing avet ..
[☠] Enter shellcode settings!

then entering lhost and lport and name

then i choose reverse_tcp

get same error again
cat: /home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt: Aucun fichier ou dossier de ce type

[☠] Editing/backup files ..
[☠] Decoding shellcode with avet ..
rm: impossible de supprimer '/home/nocomp/tools/evasion/venom/obfuscate/avet/template.txt': Aucun fichier ou dossier de ce type
[☠] Obfuscating shellcode with avet ..
./venom.sh: 9398: ./make_avet: not found
[☠] Compiling shellcode to exe ..
/usr/bin/mingw-gcc: 2: cd: can't cd to /root/.wine/drive_c/MinGW/bin
gcc.exe: error: /home/nocomp/tools/evasion/venom/obfuscate/avet/avet.c: No such file or directory
gcc.exe: fatal error: no input files
compilation terminated.
[☠] Start a multi-handler...
[☠] Press [ctrl+c] or [exit] to 'exit' meterpreter shell
[☯] Please dont test samples on virus total...

and when i search this file in avet git files, can t find it
nocomp@kali:/tools/evasion/avet$ find /home/nocomp/tools/evasion/avet -name "template.*"
nocomp@kali:/tools/evasion/avet$ ls
avet.py build CHANGELOG LICENSE README.md source tools
banner.txt build_script_tester.py input output setup.sh test_payloads
nocomp@kali:~/tools/evasion/avet$

hope this does help to figure out
thxx for your time,truelly appreciate

best regards

[nocomp]

the funny part is that in /venom/obfuscate/avet
the file is here...
nocomp@kali:/tools/evasion/venom/obfuscate/avet$ ls
avet.py build CHANGELOG LICENSE README.md source test_payloads
banner.txt build_script_tester.py input output setup.sh template.txt tools
nocomp@kali:/tools/evasion/venom/obfuscate/avet$ pwd

everytime you run option 2 / agent 17 it force to re download avet files, but they are already in te venom/obfusc/avet dir, and once it has download them, it gives the same error
gcc: error: make_avet.c: Aucun fichier ou dossier de ce type

but file is in the dir
ocomp@kali:/tools/evasion/venom$ ls obfuscate/avet/source/
avet.c data_utility.h evasion get_payload payload_execution_method
avetsvc.c debug_print get_command get_payload_info static_data
command_exec decode_payload get_key implementations
nocomp@kali:/tools/evasion/venom$

[r00t-3xp10it]

Lets try to manually install avet...
(warning this method its allready flag by AV soluctions) ..

• 1 Move to the correct directory structure
  cd /home/nocomp/tools/evasion/venom/obfuscate/

• 2 delete AVET folder and all its contents
  rm -rf avet

• 3 Download AVET project
  git clone https://github.com/govolution/avet.git

• 4 Compile AVET files using GCC

cd avet
gcc make_avet.c -o make_avet
gcc sh_format.c -o sh_format

Final Notes:

gcc: error: make_avet.c: Aucun fichier ou dossier de ce type <-- venom cant find this file to compile it, and then offcourse that all code that cames next its fails (AVET does not be proper installed)..

[nocomp]

bonjour @r00t-3xp10it
thank you for your time, that s very nice of you.
dunno if it s the right fix cause as you said, it s already flagged, but one thing i ve noticed, once you git clone, thare are no such fil in avet/ can t find any make_avet.c or sh_format.c in source/ either
weird

[r00t-3xp10it]

Hi ..
I've been reviewing avet project on github and i have found the problem ..

avet developer have changed the way the tool its installed -> now insted of make_avet.c and sh_format.c ..the developer have written a new script to install the tool ( setup.sh ) ...

Final Notes:

I have been forced to write amsi evasion ( categorie nº8 ) in version 1.0.16 release because most payloads to windows ( categorie nº 2 ) are allready beeing flagged by AV soluctions ..

So.. to bypass ( windows ) Anti-virus its recomended to use the amsi evasion payloads ..