/bin/sh: 1: powershell: not found #4
Comments
|
I've had a couple other people report the same exact problem. The root of the problem seems to be that PowerShell is not getting properly installed onto your system. You can test this by just trying to run PowerShell is supposed to be installed automatically in ObfuscatedEmpire's setup script, but there appears to be some missing dependency to PowerShell in the setup script. It would be helpful if you could show the output when you run the This may be a product of the fact that PowerShell is not officially supported on Debian platforms. Others have found a workaround to this by installing the Ubuntu libicu55 package, though I can't confirm because I have never been able to reproduce the issue on my own. In any case, ObfuscatedEmpire should output a more clear/obvious message when PowerShell is not found to be installed. I will work on adding that in the next few days. Thanks for the report! |
|
It appears that is definitely the issue, installing libicu55 under that Debian version seems to be a pain in the ass so far (due to other dependencies colliding etc), I'll just switch to Ubuntu. Thanks for the quick reply! |
|
Yeah no problem, let me know how it works out. |
|
I can confirm that it's working as intended on Ubuntu 16.04 LTS |
|
Glad you got it working! I'm going to keep this issue open until:
If others run into a similar problem, hopefully they will see this open issue and (maybe) we'll be able to solve for a solution on Kali/Debian. |
|
ObfuscatedEmpire now prints a warning message and exits gracefully when trying to obfuscate without PowerShell being installed. Implemented in dac5ba6 |
|
I bumped into the same issue today with Kali. As explained above, this is due to the fact that libicu55 and PowerShell are not (yet) available on Debian distro. However, installing the Ubuntu files did run just fine and could be a work around in the mean-time:
Not ideal but that should get you up and running. |
|
On Debian 8, install the powershell package meant for ubuntu 14.04, then you don't need to install libicu55 or libssl1.0.0 explicitly. wget https://github.com/PowerShell/PowerShell/releases/download/v6.0.0-alpha.9/powershell_6.0.0-alpha.9-1ubuntu1.14.04.1_amd64.deb This is a dated release, but works. I also tried with the newest, but it resulted in several segmentation faults when preobfuscating. As p0wner put it, not ideal but that should get you up and running. |
|
@ValtteriL thanks for the suggestion! I'll take a look at it, though I'd prefer not to use the package for the older repo. I also tried the new beta PowerShell from the Microsoft apt repository, and also was running into some segmentation faults, same as you. I'm hoping that those issues get fixed and eventually we can move to the official apt repository. |
|
An update for anyone that's curious. There's an issue in Kali/Debian9 for the new beta PowerShell in some crypto library. Turns out you can get it to work if you force connections from your Kali/Debian9 host to 40.114.241.141 to not resolve. Very strange, but it works. Tracking that issue here: PowerShell/PowerShell#4320 |
|
Using the PowerShell apt repo now: 17c732a Still have to download and install the libicu and libssl1.0.0 debs manually, since it has dependencies not in the Kali repo. (by manually I mean the setup script downloads and installs using wget/dpkg, not that this is an extra step after the setup.sh script) |
|
Yay no more manual deb downloads :) as of 89d0deb (empire-dev branch) Anyone let me know if they still have issues, otherwise will close soon. |
|
@nanodestructo Fix for If so, be sure to run the |
|
@nanodestructo You should not need to link/rename from
I have not tested on Mint. |
|
@nanodestructo @cobbr |
|
@cobbr |
|
@thedickestrick You should not need to link Glad you got it working, just want to make sure I have it working for others. I'll take a look at the macro stager, I recently fixed things in the vbs_launcher that might need to also be fixed in macro as well. Answering some of the questions mentioned above will help me debug it. |
|
@cobbr Thanks for your quick response! |
|
@cobbr Linux ip-XXX-XXX-XXX-XXX 4.4.0-1041-aws EmpireProject#50-Ubuntu SMP Wed Nov 15 22:18:17 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux Also ran into this problem today. |
|
powershell_6.0.0-alpha.9-1ubuntu1.14.04.1_amd64.deb works with kali3 |
and others
First and foremost I wanted to thank you for spending your time on this project, I'm surprised it hasn't been integrated in the main Empire build just yet. AMSI is definitely becoming a nuisance during red team engagements sometimes.
Empire Version
1.6.0 (direct clone from ObfuscatedEmpire repo)
OS Information (Linux flavor, Python version)
Debian GNU/Linux 8
Linux redacated 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) x86_64 GNU/Linux
Python 2.7.9
Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.
The preobfuscate command doesn't function adequately, whenever I attempt to preobfuscate all modules, I get the following error:
/bin/sh: 1: powershell: not foundI couldn't figure out what caused it, so after I gave up on that I moved onto just enabling obfuscation for all commands, which did indeed generate a properly obfuscated launcher for the listener.
Except when an agent attempts to establish a session, the same error is once again present.
Screenshot of error, embedded text output, or Pastebin link to the error
The text was updated successfully, but these errors were encountered: