Dave-ee Jones Posted May 15, 2017 Posted May 15, 2017 Hey! I'm using the FCS method of letting a payload know what's happening (File Command System), but whenever I create a file using New-Item -type file (specifying a path, of course), and then having the Bunny check for the file, the Bunny cannot see the created file, even though I can see it on STORAGE mode. I tried using 'sync', just in case it was just a RAM thing, but that didn't work either. Any ideas? The file is being created in the Bunny's loot folder "d:\loot\", and the Bunny is looking at "/root/udisk/loot/<filename>". You might think "hey, you moron, can't you see that? /root/udisk isn't a live copy!" but it is, because I can create a file with my payload (I do, in the same payload btw) and I can see it with Powershell scripts. Very weird indeed! Anyway, would love a hand :) Or many hands.. Quote
PoSHMagiC0de Posted May 15, 2017 Posted May 15, 2017 Have not seen that before, will have to try it myself to see what happens. Are you using SMB through network or USB storage mode so I can replicate? Also, some preliminary things to try. Do not know the whole syntax of your new item command but lets try seeing if the full syntax would help if not tried yet like so. new-item -Type File -Path "C:\Folderforfile" -Name myfile.txt Also, if you are just sending output to a file, you can skip creating the file and just try outputting to a file which will be created if not exists. Also, if it does it can be appended. <You command to get output> | Add-Content -Path "c:\myfilefolder\myfile.txt" I will have to try what you are doing to see if I get same results to say for sure what is happening. Of course the final is if it happens to be a sync issue is try the .NET way of creating the file and manually closing it to see if it sticks in both OSes eyes. Quote
Dave-ee Jones Posted May 15, 2017 Author Posted May 15, 2017 (edited) Yes, I am using USB storage mode. The way I was using New-Item (I tried a few different ways - including the one you used) was like so: New-Item $bb\loot\COMPLETE -Value "COMPLETE" -Type file I'll go with the next move... echo "COMPLETE" | Out-File $bb\loot\COMPLETE -Encoding ASCII Next move didn't work. My code: Powershell side: echo "COMPLETE" | Out-File $bb\loot\COMPLETE -Encoding ASCII Bunny side: while ! [ -f $LOOT_DIR/COMPLETE ] do # Still can't see it.. sleep 1 done # Yay! We can see the file! Edited May 16, 2017 by Dave-ee Jones Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.