I’ve spent lots of hours getting stuck on small things, and some of the step by step instructions do not work or do not output what the tutorial claims they should, so any help would be appreciated.
Here are some issues I faced:
In the LOLBAS: InstallUtil section.
I ran the following command:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U MichaelUtil.exe
and got this error:
Exception occurred while initializing the installation:
System.BadImageFormatException: Could not load file or assembly ‘file:///C:\Users\champ\source\repos\MichaelUtil\MichaelUtil\bin\x64\Release\net8.0\MichaelUtil.exe’ or one of its dependencies. The module was expected to contain an assembly manifest…
This command is being run from the x64/Release folder of my Visual Studio project.
I followed the instructions closely, compiling for release with arm64 and x64 as the instructions asked.
The next Section, LOLBAS: RunDll32 seems to be missing some things. It expects for there to exist a HackTheBox Package Source in a Visual Studio project they have us build from scratch, but that doesn’t exist.
A later section, Powershell ConstrainedLanguageMode, throws an error, TypeLoadException: Could not load type ‘System.Diagnostics.Eventing.EventDescriptor’ from assembly 'System.Core, Version=4.0.0.0, Culture=neutral,
when it reaches the Runspace runspace = RunspaceFactory.CreateRunspace() line.
- The Process Injection Section.
This one has specific step by step instructions to follow, but even though I use the same payloads that succesfully spawned reverse shells in other sections, when I use the payload with their code it connects to the listening shell and then closes the connection immediately.