Jump to content

Recommended Posts

Posted

Hey!

I'm using the FCS method of letting a payload know what's happening (File Command System), but whenever I create a file using New-Item -type file (specifying a path, of course), and then having the Bunny check for the file, the Bunny cannot see the created file, even though I can see it on STORAGE mode. I tried using 'sync', just in case it was just a RAM thing, but that didn't work either.

Any ideas?

The file is being created in the Bunny's loot folder "d:\loot\", and the Bunny is looking at "/root/udisk/loot/<filename>".
You might think "hey, you moron, can't you see that? /root/udisk isn't a live copy!" but it is, because I can create a file with my payload (I do, in the same payload btw) and I can see it with Powershell scripts. Very weird indeed!

Anyway, would love a hand :) Or many hands..

Posted

Have not seen that before, will have to try it myself to see what happens.  Are you using SMB through network or USB storage mode so I can replicate?

 

Also, some preliminary things to try.  Do not know the whole syntax of your new item command but lets try seeing if the full syntax would help if not tried yet like so.

new-item -Type File -Path "C:\Folderforfile" -Name myfile.txt

Also, if you are just sending output to a file, you can skip creating the file and just try outputting to a file which will be created if not exists.  Also, if it does it can be appended.

<You command to get output> | Add-Content -Path "c:\myfilefolder\myfile.txt"

I will have to try what you are doing to see if I get same results to say for sure what is happening.

Of course the final is if it happens to be a sync issue is try the .NET way of creating the file and manually closing it to see if it sticks in both OSes eyes.

Posted (edited)

Yes, I am using USB storage mode.

The way I was using New-Item (I tried a few different ways - including the one you used) was like so:

New-Item $bb\loot\COMPLETE -Value "COMPLETE" -Type file

I'll go with the next move...

echo "COMPLETE" | Out-File $bb\loot\COMPLETE -Encoding ASCII

Next move didn't work. My code:

Powershell side:

echo "COMPLETE" | Out-File $bb\loot\COMPLETE -Encoding ASCII

Bunny side:

while ! [ -f $LOOT_DIR/COMPLETE ]
do
	# Still can't see it..
	sleep 1
done
# Yay! We can see the file!

 

Edited by Dave-ee Jones

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...