Skip to content
This repository has been archived by the owner on Jan 10, 2024. It is now read-only.

Veil-Evasion Pyinsataller Payload 29 python/aes_ecnrypt unexpected ident #300

Closed
jedn opened this issue Jun 9, 2019 · 2 comments
Closed

Veil-Evasion Pyinsataller Payload 29 python/aes_ecnrypt unexpected ident #300

jedn opened this issue Jun 9, 2019 · 2 comments

Comments

@jedn
Copy link

jedn commented Jun 9, 2019
edited
Loading

Veil version

3.1.11

OS Used - all info (architecture, linux flavor, etc)

Kali 2019.1
uname -a
Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux
metasploit v5.0.19-dev
Python 3.7.3rc1

How did you install Veil? (Apt, Clone from Github, etc.)

Using instructions provided on official page (apt -y install veil)

Did you run the setup script?

yes
/usr/share/veil/config/setup.sh --force --silent

Pastebin link to error you are encountering (include console actions you took prior to error)

the steps taken are as follows:
use 1
use 29
set clicktrack 4
set sleep 31
set use_pyherion Y
generate
2 - msfvenom
set payload to windows/meterpreter/reverse_tcp
set lhost
set lport
no extra msfvenom options
Generating shellcode using msfvenom...
entered the base name...
1 - PyInstaller (default) for payload executable creations

AFTER I GET THE FOLLOWING ERROR

[>] Please enter the number of your choice: 1
2804 INFO: PyInstaller: 3.2.1
2805 INFO: Python: 3.4.4
2807 INFO: Platform: Windows-7-6.1.7601-SP1
2840 INFO: wrote Z:\usr\share\veil\veilpymetrevtcpaes1.spec
2862 INFO: UPX is not available.
2913 INFO: Extending PYTHONPATH with paths
['Z:\var\lib\veil\output\source', 'Z:\usr\share\veil']
2914 INFO: Will encrypt Python bytecode with key: 0000000zXLwqLmTT
2918 INFO: Adding dependencies on pyi_crypto.py module
2919 INFO: checking Analysis
2920 INFO: Building Analysis because out00-Analysis.toc is non existent
2921 INFO: Initializing module dependency graph...
2957 INFO: Initializing module graph hooks...
2983 INFO: Analyzing base_library.zip ...
8712 INFO: Processing pre-find module path hook distutils
11299 INFO: Analyzing hidden import 'Crypto.Cipher.AES'
11333 INFO: running Analysis out00-Analysis.toc
11541 INFO: Caching module hooks...
11587 INFO: Analyzing \var\lib\veil\output\source\veilpymetrevtcpaes1.py
Traceback (most recent call last):
File "/var/lib/veil/PyInstaller-3.2.1//pyinstaller.py", line 15, in
run()
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller_main.py", line 90, in run
run_build(pyi_config, spec_file, **vars(args))
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller_main_.py", line 46, in run_build
PyInstaller.building.build_main.main(pyi_config, spec_file, **kwargs)
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\build_main.py", line 788, in main
build(specfile, kw.get('distpath'), kw.get('workpath'), kw.get('clean_build'))
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\build_main.py", line 734, in build
exec(text, spec_namespace)
File "", line 16, in
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\build_main.py", line 212, in init
self.postinit()
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\datastruct.py", line 161, in postinit
self.assemble()
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\build_main.py", line 413, in assemble
priority_scripts.append(self.graph.run_script(script))
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\depend\analysis.py", line 144, in run_script
self._top_script_node = super(PyiModuleGraph, self).run_script(pathname)
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\lib\modulegraph\modulegraph.py", line 1432, in run_script
co_ast = compile(contents, pathname, 'exec', ast.PyCF_ONLY_AST, True)
File "Z:\var\lib\veil\output\source\veilpymetrevtcpaes1.py", line 1
from time import sleep;from base64 import b64decode as gosErQphRNpwS; import struct; import time; import datetime; import sys;from Crypto.Cipher import AES as fbvAuFTCm;import win32api; from socket import AF_INET, SOCK_DGRAM; import base64; import ctypes as PciiqerpCHXKkWp; from Crypto.Cipher import AES; import socket
^
IndentationError: unexpected indent

                               Veil-Evasion

===============================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework

[!] ERROR: Unable to create output file.
[] Source code written to: /var/lib/veil/output/source/veilpymetrevtcpaes1.py
[] Metasploit Resource file written to: /var/lib/veil/output/handlers/veilpymetrevtcpaes1.rc

Hit enter to continue...

Expected behavior

Binary generated successfully

Any additional info you want to tell me

Note: I have reinstalled and reconfigured veil several times.
@jedn jedn changed the title Veil-Evasion Pyinsataller Payload 29 python/aes_ecnrypt Veil-Evasion Pyinsataller Payload 29 python/aes_ecnrypt unexpected ident Jun 9, 2019
@ChrisTruncer
Copy link
Member

Thanks for the detailed info, I can reproduce this so I am looking into it

@ChrisTruncer
Copy link
Member

This should now be fixed with the latest commit (ab5a199). Thanks for reporting the issue!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ChrisTruncer @jedn