[Diego Pérez]

Hi!
Once you start the VNC ervers run the command “ss -lntp” and share a screenshot here.
Can you share a screenshot with the websockify command used and the result please?

Thanks!
Diego

[Diego Pérez]

Hi!
Make sure that all vnc servers are running properly. Also make sure to use the eth0 ip address in the websockify command not the public ip.

Greetings!
Diego

[Diego Pérez]

Hi!
Did you run the setup.sh script with root privileges?

Greetings!
Diego

[Diego Pérez]

Hi!
So it seems empire is working fine.
Have you started your apache server? You have to do it every time you boot kali.

Greetings!
Diego

[Diego Pérez]

Hi!
Cool, now follow the previous instructions that I have already told you:
Make sure to delete any file or directory related to fastapi and pydantic in these locations:

/usr/lib/python3/dist-packages
/usr/local/lib/python3.11/dist-packages

Then run:
pip3 install pydantic==1.10.6
pip3 install fastapi==0.74.1

Then the server should run as expected, I tested it and it worked.

Greetings!
Diego

[Diego Pérez]

Hi!
Yes, I meant to remove that kali. In Vmware interface jut right click kali and select Delete, then import it again just you already know.

Greetings!
Diego

[Diego Pérez]

Hi!
Now it seems you are trying to use a different empire version.I suggest to stick to the one showed in the course instead. It would be better to remove that kali and import a new one. Then follow the instructions as in the lecture and follow the steps I mentioned. I can clearly see that you are trying to delete files in /usr/lib/python3.11 and that’s not what I wrote so please read carefully otherwise things won’t work as expected.

Greetings!
Diego

[Diego Pérez]

Hi!
Can you test with other backdoor type? This is useful to debug the actual error.

Greetings!
Diego

[Diego Pérez]

Hi!
In the first screenshot it seems you didn’t delete all the files or directories related to pydantic at /usr/lib/python3/dist-packages, so you have to do it and then install pydantic.
In the second screenshot it seems the server was not running, first you need to solve the above issue otherwise it won’t work.

Greetings!
Diego

[Diego Pérez]

Hi!
Ok, that’s totally different, so you successfully installed it, right? I checked it and for some reason empire doesn’t work with the latest pydantic and fastapi python libraries so older versions should be installed. Make sure to delete any file or directory related to fastapi and pydantic in these locations:

/usr/lib/python3/dist-packages
/usr/local/lib/python3.11/dist-packages

Then run:
pip3 install pydantic==1.10.6
pip3 install fastapi==0.74.1

Then the server should run as expected, I tested it and it worked.

Greetings!
Diego

[Diego Pérez]

Hi!
The screenshots were not attached properly, upload them to google drive and share the link here. Also, it seems the backdoor has been successfully created, the dist directory should be inside disctopia-C2 directory. Does this problem only occur with telegram backdoors?

Greetings!
Diego

[Diego Pérez]

Hi!
You have a typo in the apt command, just read it again. You typed …-empier instead of empire.
I’m answering you as soon as I can, must of the time within 15 hours as mentioned in the course.

Greetings!
Diego

[Diego Pérez]

Hi!
Can you share a screenshot with the result after creating the backdoor?

Greetings!
Diego

[Diego Pérez]

Hi!
It seems like kali is already running, click on “Take ownership” and you should be able to use it.

Greetings!
Diego

[Diego Pérez]

Hi!
I can see the file has the correct size in kali. Can you change the view in windows file browser to a list? So we can see the details of the archive and share the screenshot again.

Greetings!
Diego

[Author]

Posts