Forum Thread: Veil-Evasion Problem ( Kali Linux )

When I use an exploit, I receive an error...

Here is a print screen with the error: http://postimg.org/image/fd7zq8ubl/
If someone can help me.. I didn't find anything on Google :(.

P.S: Sorry for my bad English.. ;-s.

17 Responses

Please provide the steps you followed.

I used git clone command and the link... and that was all. Right?

To me, it seems like you don't have the Python libraries installed, or the libraries necessary to create that .exe (not 100% certain though; better wait until a more experienced member replies before taking action).

I think you are correct as well. It clearly says libraries are not found. Try to reinstall Veil-Evasion. That should solve the problem and reinstall the libraries.

I already reinstalled it... about 4-5 times.. I don't know what to do...

I saw a tutorial on YT where a window comes up for installing Python 2.7 or something like that, but I didn't see that window... in my Kali.. is that a problem?

Did you run the setup.sh file after the clone? Did you try following OTW's how-to? here

Yeah, but I receive this error when I try to install pywin 3.2:
Unhandled exception: page fault on read access to 0x3e892268 in 32-bit code (0x1e044a38).
Register dump:
CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
EIP:1e044a38 ESP:0033bffc EBP:00c4f910 EFLAGS:00010202( R- -- I - - - )
EAX:1ffffffc EBX:00000004 ECX:1e892268 EDX:ffffffff
ESI:00000000 EDI:00000004
Stack dump:
0x0033bffc: 1e048370 00bc4cb0 00000000 1e04839a
0x0033c00c: 00000004 00000004 00c23a70 1e21f150
0x0033c01c: 041cec61 001a99c0 001ae300 001b1294
0x0033c02c: 001de240 1e08e62b 001a99c0 001ae300
0x0033c03c: 041cec61 001ae300 00c008b8 001aff30
0x0033c04c: 1e08cb4e 1e226bd8 00000001 00000001
Backtrace:
=>0 0x1e044a38 in python27 (+0x44a38) (0x00c4f910)
1 0x1e226bd8 in python27 (+0x226bd7) (0x00000001)
0x1e044a38: testb $0x1,0x4(%eax,%ecx,1)

System information:
Wine build: wine-1.4.1
Platform: i386
Host system: Linux
Host version: 3.18.0-kali3-amd64_

So it doesn't work on x64 bit? I need to install the x32bit version..... but I remember that 2 weeks ago, or something like this, Veil worked but there were fewer exploits, so I guess that it was a previous version.. and maybe after an update or something like that I receive that error... It was about 35 payloads.. and now I have 46 payloads. Anyway, I will try to install the x32 bit version, thank you!

I have it working on a 64 bit version of Kali, so I'm not sure why they are saying that either. Could be a version issue, update that is causing it, something like that. They couldn't reproduce the issue so who knows what the ultimate culprit is. When you run the setup.sh file it says

[i] If you have any errors running Veil-Evasion, delete your WINE profile (rm -rf ~/.wine) and re-run setup.sh.
Maybe try that and see what happens, otherwise try what Chris Truncer said (he would know better than us).

Hello to everyone.
First, I'm sorry for my English.

I'm here to help and I don't know you, so if this is simple and you are an experienced user of genu linux, don't be angry at me.

For installing Veil, first you must add i386 packages to your x64 Kali with this command:
dpkg --add-architecture i386
Then change your repositories in
/etc/apt/sources.list
First add a # sign to the start of each link, then add these pepos to the file and save it.
These worked for me on Kali 2 sana.

# Regular repositories
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free

# Source repositories
deb-src http://http.kali.org/kali sana main non-free contrib
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

Then update and upgrade your Kali with "apt-get update" and "apt-get upgrade".
Then go to the Veil-Evasion setup directory and simply enter this command in the terminal:
"./setup.sh -c"
Then, after installing, to start the app use "python2 ./Veil-Evasion" instead of "./Veil-Evasion".
This is all you need to know for running Veil on a healthy x64 Kali.

my email => m0101ilzbig@gmail.com
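
The preconditions named in the post above (i386 enabled as a foreign architecture, old repository lines commented out, an existing Wine profile) can be checked before running setup.sh. This is an added example, not code from the thread or from Veil-Evasion; the function names are hypothetical, and treating "comment out the existing links" as "only one release suite may be active" is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread or from Veil-Evasion's setup.sh).
# All function names here are hypothetical.

# has_foreign_arch ARCH LIST: true if ARCH is in LIST, where LIST is the
# output of `dpkg --print-foreign-architectures` (one name per line).
has_foreign_arch() {
    printf '%s\n' "$2" | grep -qx -- "$1"
}

# active_repos FILE: print the uncommented deb / deb-src lines.
active_repos() {
    grep -E '^[[:space:]]*deb(-src)?[[:space:]]' "$1" 2>/dev/null |
        sed 's/^[[:space:]]*//'
}

# repo_suites FILE: print each distinct base suite (sana/updates -> sana).
repo_suites() {
    active_repos "$1" | awk '{
        i = 2
        if ($i ~ /^\[/) {                 # skip an [option=...] block
            while (i <= NF && $i !~ /\]$/) i++
            i++
        }
        s = $(i + 1)                      # field after the URL is the suite
        sub(/\/.*/, "", s)
        if (s != "") print s
    }' | sort -u
}

# preflight SOURCES_FILE ARCH_LIST WINE_DIR: report problems, return 1 if any.
preflight() {
    rc=0
    has_foreign_arch i386 "$2" ||
        { echo "i386 not enabled; run: dpkg --add-architecture i386"; rc=1; }
    n=$(( $(repo_suites "$1" | wc -l) ))
    [ "$n" -le 1 ] ||
        { echo "sources.list mixes suites: $(repo_suites "$1" | tr '\n' ' ')"; rc=1; }
    [ ! -d "$3" ] ||
        echo "Wine profile exists at $3 (setup.sh says to delete it on errors)"
    return "$rc"
}

# Run against this machine; findings are informational only.
preflight /etc/apt/sources.list \
    "$(dpkg --print-foreign-architectures 2>/dev/null)" \
    "${HOME:-/root}/.wine" || true
```
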

I'm sorry, I made a mistake in typing:
GNU Linux not genu linux (L5)
repositories not pepos (L10)
And if you have any question or idea I will be happy to receive it at my email.

I think this app will not work soon because antivirus makers can easily get the app samples, so if anyone has another secret solution for making backdoors undetectable please send me an email.

I tried all of my personal ways but these antiviruses are growing up every day. I even tried to encrypt it manually with archivers and make an autorun for that, but some next generated antivirus busts my backdoor just before executing. Please help me and I will return your favor with some unique ideas.

Thanks.
