created exes not working in windows 7 #8
Hi, I created an exe with your script, and I installed Windows 7 specifically to test it out.
The exe is 32bit, and this W7 is also 32bit.
Before this video I opened the metasploit console with a listener script, but it was unable to get any connection from this station.
This exe was supposed to connect to an IP on my local network, and I checked if powershell was installed.
I used tcpview to monitor the outside connection to see if the exe was trying to connect to my LAN IP, but it looks that exe crashes on there is anything wrong on the payload.
I created a video.
In this video there will be a black space; this happened when Windows asked me to run the app as administrator, but camstudio was unable to catch that.
Let me know if you are aware of this issue, and let me know if you need some tests from here to check out what is happening.
Here is the video: https://www.youtube.com/watch?v=vZoSZ7GAH18
I noticed that you recently updated powerstager. I installed it and it is popping an error.

I believe this error may be related to the c code that mingw will have to compile .
It seems I didn't fully test the functionality for 32bit. Mingw (32bit) seems to be a bit more picky with windows.h. I changed "int WinMain(" to "int WINAPI WinMain(" and it compiles for 32bit. I haven't committed this change yet.
When it comes to the REVERSE_TCP payload, having a quick look at the code, it looks like I missed including the 32bit version of the shellcode. I will have a closer look, and probably release a patch today.
Thanks, I will not patch my local git yet. I will wait for the full patch on your git and then I will test it.
OK, I compiled your latest git and created an exe.
Now the connection is established, but metasploit is unable to initiate the stager so it can establish a session.
I created a video for you to look at:
https://youtu.be/1s-YU1gyoq0
Let me know if you need any tests on Win7 32bit, I can do them here.
Using the meterpreter option the result is different: msfconsole is unable to establish the connection because of an SSL error.

What payload did you generate from PowerStager? It seems that MSF gets a call, but a faulty payload is staged. I compiled a list of different scenarios below and the expected outcome of each. This is also the result I get when I test it. I use newly installed Windows 7 (32bit) and Windows 2008 R2 (64bit) in this test.
Note: the --reverse-shell option is only intended to be used together with the --listener, or with a separate one like netcat. It is not used together with MSF.
Scenario: PS_WIN32, MSF_X64 on 64bit Windows
Scenario: PS_WIN64, MSF_X64 on 64bit Windows
Scenario: PS_WIN32, MSF_X86 on 64bit Windows
Scenario: PS_WIN64, MSF_X86 on 64bit Windows
Scenario: PS_WIN32, MSF_X64 on 32bit Windows
Scenario: PS_WIN64, MSF_X64 on 32bit Windows
Scenario: PS_WIN32, MSF_X86 on 32bit Windows
Scenario: PS_WIN64, MSF_X86 on 32bit Windows
Thanks for the info, I will do my tests here according to your output.
Basically I created your payload according to your readme file and according to the listener you create with your script.
Check line 874 in your previous version of powerstager here: https://github.com/peterpt/powerstager/blob/master/powerstager/powerstager.py
Another thing: I think it could be interesting if you changed the module in your script from "urllib.parse" to "urllib", so python 2.7 can also execute your script.
However, this last option is your decision.
Thank you for your reply on this subject, I will let you know how were my tests here.
Thanks for the changes, I was testing it now and it is working perfectly.
I made a video of the testing in case you want to see it.
https://youtu.be/4xkiAPDXfPM