
Comments (10)

r00t-3xp10it avatar r00t-3xp10it commented on August 23, 2024 1

Try to start apache2 manually .. can you ??
service apache2 start

then go to: http://192.168.1.100 <-- To see if apache2 is working

Another Thing: run setup.sh and delete venom domain name because it is not needed anymore (old configs)



from venom.

ricko2991 avatar ricko2991 commented on August 23, 2024 1

1º - so the problem was venom domain name config right ??
ANSWER : YES
(it's interfering with AMSI Evasion Payloads) <= after you reverted the setting it starts working ?
ANSWER : YES it works perfectly

2º - nop ... because they required the files stored on apache2 <= ngrok will not give remote access to apache2 ..
(But... you can use the Agent (NOT THE DROPPER) with ngrok) <= because dropper will download/exec the agent

What agent exactly can I use?


r00t-3xp10it avatar r00t-3xp10it commented on August 23, 2024 1

if you are not on same network ..
you can manually deliver agent with ngrok and receive the connection ..
but... one of the tasks of the dropper is to bypass security measures and deliver/exec the Agent ..


r00t-3xp10it avatar r00t-3xp10it commented on August 23, 2024

question:

  • 1º - Did you install venom using venom/aux/setup.sh script ?
    • setup.sh will install dependencies AND config venom.sh settings file
    • venom.sh will use the settings file to config modules then..
  • 2º - Do you have Apache2 installed on attacker machine ?
    • Is Apache2 webroot located at: /var/www/html ?
  • 3º - Is 192.168.1.100 the attacker ip address ??
  • 4º - What shell does your system use: bash or ZSH ?
    • venom toolkit was created to work on bash shell ..

Switch from ZSH to BASH:

exec bash

HINT: Screenshots of the bugs are required for me to see what's happening..
I have updated venom today ,,, I advise you to download the v1.0.17 version and try it again..


ricko2991 avatar ricko2991 commented on August 23, 2024

1º - Did you install venom using venom/aux/setup.sh script ?
ANSWER: Yes I installed it properly, and no problem.

2º - Do you have Apache2 installed on attacker machine?
ANSWER: Yes
- Is Apache2 webroot located at: /var/www/html ?
ANSWER: Yes, it may have been set automatically in setup.sh and there were no problems with the configuration

3º - Is 192.168.1.100 the attacker ip address ??
ANSWER: yes, it's my ip address

4º - What shell does your system use: bash or ZSH ?
ANSWER: Bash

***But it still does not work. I open the link and the server is not found


ricko2991 avatar ricko2991 commented on August 23, 2024

Yes, it works properly, when I installed setup.sh I chose to use venom domain name. Maybe this is why the link did not show. Thanks a lot.

Can I use ngrok in AMSI Evasion payloads options?


r00t-3xp10it avatar r00t-3xp10it commented on August 23, 2024
  • 1º - so the problem was venom domain name config right ??
    (it's interfering with AMSI Evasion Payloads) <= after you reverted the setting it starts working ?

  • 2º - nop ... because they required the files stored on apache2 <= ngrok will not give remote access to apache2 ..
    (But... you can use the Agent (NOT THE DROPPER) with ngrok) <= because dropper will download/exec the agent


r00t-3xp10it avatar r00t-3xp10it commented on August 23, 2024

AGENT (reverse TCP shell): In this case (Amsi Evasion - agent nº5) it's the Client.exe file...

  • so .. you can manually upload the agent to target to receive the connection back ..
  • Only the Dropper(s) requires apache2 (to deliver the agent)

In Amsi Evasion - agent nº1 it's: AGENT : /root/Toolswork/Bypass/venom/output/Security-Update.ps1

Final notes

Amsi Evasion - Agent nº5 requires apache2 because it has to deliver the agent and the pdf file..


ricko2991 avatar ricko2991 commented on August 23, 2024

So when I'm not in the same network I can connect using my ip address? Not the ngrok address?

I run ngrok http 80 to expose the web service. I have not tried it because I don't have a Windows device with a different ip network


ricko2991 avatar ricko2991 commented on August 23, 2024

Thanks a lot for helping me fix the problem. I will be trying soon. I hope if I face the problem again I can fix it
