bao7uo / rau_crypto Goto Github PK

too much errors in code

Hey Paul,

do you have the DLL you would suggest to use to get a shell at all?

Hi,

Issue: cipher.encrypt need bytes and not string.

The return line on encrypt function bring to:

Traceback (most recent call last):
  File "RAU_crypto.py", line 327, in <module>
    mode_Post()
  File "RAU_crypto.py", line 285, in mode_Post
    print(upload(TempTargetFolder, Version, payload_filename, url))
  File "RAU_crypto.py", line 201, in upload
    payload_filename
  File "RAU_crypto.py", line 163, in payload
    data += rauPostData_prep(quiet, TempTargetFolder, Version) + "\r\n"
  File "RAU_crypto.py", line 111, in rauPostData_prep
    RAUCipher.encrypt(TempTargetFolder),
  File "RAU_crypto.py", line 76, in encrypt
    return base64.b64encode(cipher.encrypt(plaintext)).decode()
  File "C:\Python36\lib\site-packages\Crypto\Cipher\_mode_cbc.py", line 162, in
encrypt
    c_uint8_ptr(plaintext),
  File "C:\Python36\lib\site-packages\Crypto\Util\_raw_api.py", line 196, in c_u
int8_ptr
    raise TypeError("Object type %s cannot be passed to C code" % type(data))
TypeError: Object type <class 'str'> cannot be passed to C code

Anyway I solved such issue changing from:
return base64.b64encode(cipher.encrypt(plaintext)).decode()
To:
return base64.b64encode(cipher.encrypt(plaintext.encode('utf-8'))).decode()

Thanks

hi I could not use your code with mixdll in kali ,please guide for make mixdll ,I build dll in visual studio 2017 but i can not make mixdll with your guide in your page
I use other projects that they use your code bud any of them didn't work
thanks
https://github.com/noperator/CVE-2019-18935

Q1:How to mapping Telerik.Web.UI.WebResource version in this http response

Version=4.0.0.0, CultureTelerik.Web.UI.WebResource.axd?TSM_HiddenField=ContentPlaceHolder_FormTop_RadScriptManager1_TSM&compress=1&TSM_CombinedScripts=;;System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35:zh-TW:8f95decb-d716-4257-bc42-c772df7173e5:ea597d4b:b25378d2;Telerik.Web.UI:zh-TW:df833b2e-28ee-45e7-8320-6f2a9cb883d7:16e4e7cd:f7645509:22a6274a:24ee1bba:6a6d718d

Q2
How to fix unbound method addHmac() must be called with RAUCipher instance as first argument (got str instance instead)

log:
python 43874.py -P c:\inetpub\wwwroot 2017.2.503 43609.py https://target/Telerik.Web.UI.WebResource.axd?type=rau

file: 43609.py
version:2017.2.503
destination c:\inetpub\wwwroot
Preparing payload...
Traceback (most recent call last):
File "43874.py", line 322, in
mode_Post()
File "43874.py", line 280, in mode_Post
print(upload(TempTargetFolder, Version, payload_filename, url))
File "43874.py", line 196, in upload
payload_filename
File "43874.py", line 158, in payload
data += rauPostData_prep(quiet, TempTargetFolder, Version) + "\r\n"
File "43874.py", line 103, in rauPostData_prep
Version
TypeError: unbound method addHmac() must be called with RAUCipher instance as first argument (got str instance instead)

How to upload a arbitrary file upload Please give an example? Documentation is not understandable 🤔🤔

pycrypto library is outdated, pycryptodome should be used