Description
What happened?
Hello. Using default x64 demon with http listner. Default configs (sleep, jitter, ...) not changed.
Got a freeze bug with execute inline-exec module, and dotnet inline-exec.
First, trying run nanodump.x64.o on Win10Pro (Defender disabled, no AV) by next command:
05/03/2025 10:22:04 [5pider] Demon » inline-execute /tmp/nanodump.x64.o -p 916
[*] [A0518B4C] Tasked demon to execute an object file: /tmp/nanodump.x64.o
[+] Send Task to Agent [31 bytes]
With 90% probability there is no response. Demon stop responding. I can wait 1h, but nothing will be change.
Commands stop working. They go to tasks queue and never be done. If i look at tasks list, i see them:
05/03/2025 10:24:36 [5pider] Demon » whoami
[*] [2D43681F] Tasked demon to get the info from whoami /all without starting cmd.exe05/03/2025 10:27:02 [5pider] Demon » task list
[] [3D60B87E] Tasked teamserver to list commands in task queue
[] List task queue:Task ID Created Size Command
6.91 kB
28 B
2D43681F 05/03/2025 07:24:36 31 B
Trying to remove all tasks and send whoami:
05/03/2025 10:30:15 [5pider] Demon » task clear
[*] [F781034B] Tasked teamserver to clear all commands from task queue
[+] Cleared task queue [3]05/03/2025 10:30:21 [5pider] Demon » task list
[*] [93C27A48] Tasked teamserver to list commands in task queue
[!] No jobs in task queue05/03/2025 10:30:23 [5pider] Demon » whoami
[*] [53D401E6] Tasked demon to get the info from whoami /all without starting cmd.exe
And no response. Never. Only re-run demon exe will help. It is open new connection from new demon process and will work fine. Taskmgr show 100% CPU eat by freezed demon.
OS:
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
Same problem i got with dotnet inline-exec on Win2019 (Defender disabled, no AV). Running GodPotato-NET4.exe from here https://github.com/BeichenDream/GodPotato/releases/tag/V1.20
05/03/2025 10:34:08 [5pider] Demon » dotnet inline-execute /tmp/godpotato.exe -cmd "cmd /c whoami"
[*] [54B6FECA] Tasked demon to inline execute a dotnet assembly: /tmp/godpotato.exe
[+] Send Task to Agent [206 bytes]
Same problem. No response. Tasks clear has no effect. Need to re-run demon.exe. Taskmgr show 100% CPU eat by freezed demon.
OS:
OS Name: Microsoft Windows Server 2019 Datacenter Evaluation
OS Version: 10.0.17763 N/A Build 17763
Did You Try With the Dev Branch?
No (You only tried the main branch...)
Relevant log output
Did You Read Over Your Issue First?
- I declare I made an effort and provided the necessary information for replication of the issue.