Villain icon indicating copy to clipboard operation
Villain copied to clipboard

Published 20 hours ago verified publisher icon t3l3machus

odd behaviour on new joins (Arch linux)

Open oldkingcone opened this issue 2 years ago • 3 comments

When attempting to add new bots to the session handler, it appears as though there is an odd error:

Exception occurred during processing of request from ('10.129.228.117', 53058)
Traceback (most recent call last):
  File "/usr/lib/python3.10/socketserver.py", line 316, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 347, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python3.10/socketserver.py", line 747, in __init__
    self.handle()
  File "/usr/lib/python3.10/http/server.py", line 432, in handle
    self.handle_one_request()
  File "/usr/lib/python3.10/http/server.py", line 420, in handle_one_request
    method()
  File "/home/user/clones/villan/Core/villain_core.py", line 910, in do_POST
    Sessions_manager.active_sessions[session_id]['last_received'] = timestamp
KeyError: 'b46f147a-1bf3b0f8-fb09af4e'
----------------------------------------

Attempting to nest the function on line 910 in a try except statement appears to correct the error, but introduces a new one:

Traceback (most recent call last):
  File "/usr/lib/python3.10/socketserver.py", line 316, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 347, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python3.10/socketserver.py", line 747, in __init__
    self.handle()
  File "/usr/lib/python3.10/http/server.py", line 432, in handle
    self.handle_one_request()
  File "/usr/lib/python3.10/http/server.py", line 420, in handle_one_request
    method()
  File "/home/user/clones/villan/Core/villain_core.py", line 911, in do_POST
    Sessions_manager.active_sessions[session_id]['last_received'] = timestamp
TypeError: 'str' object does not support item assignment
----------------------------------------

When trying to add new bots to the framework, the error message will repeat until the application/C2 is closed.

Also to note, when trying to use this with custom tunnel device names, it does not catch reverse shells, for example if the tunnel name is htb_tun, it will not pick it up as a valid interface. Will future editions include command line options to specify the interface?(I have been editing the settings.py script with the right ip/interface address, but this appears cumbersome)

oldkingcone avatar Nov 30 '22 19:11 oldkingcone

I'll check it out and get back to you soon, thanks

t3l3machus avatar Nov 30 '22 20:11 t3l3machus

no problem

oldkingcone avatar Nov 30 '22 20:11 oldkingcone

same issue with windows machines

dolt0n avatar Dec 09 '22 07:12 dolt0n

I am seeing this when trying to launch a session on a Windows server 2012 R2 box. Tried encoded from CMD and obfuscated from PSH. Both respond the same as above.

ll3N1GmAll avatar Jan 04 '23 04:01 ll3N1GmAll

I havent seen anything yet that can fix this issue. Im going to poke around the code a bit more, kinda shelved this myself. If i find a fix ill post it here.

oldkingcone avatar Jan 05 '23 16:01 oldkingcone

Going to close this, looks like this specific issue is fixed.

oldkingcone avatar May 27 '23 02:05 oldkingcone