-
Notifications
You must be signed in to change notification settings - Fork 348
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
服务端解密失败 #172
Comments
teamserver是否配置了c2profile? |
解决了吗 |
这个问题 |
@nnsssa 需要提供
|
1 cs4.8 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
cs4.2
`[-] A Malleable C2 attempt to recover data from a '.http-get.client.metadata' transaction failed. This could be due to a bug in the profile, a change made to the profile after this Beacon was run, or a change made to the transaction by some device between your target and your Cobalt Strike controller. The following information will (hopefully) help narrow down what happened.
From 'x.x.x.x'
URI '/load'
Headers
'User-Agent' = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163'
'Cookie' = 'xxxx'
'Accept' = '/'
'Host' = 'x.x.x.x:8443'
'REMOTE_ADDRESS' = '/x.x.x.x'
'Connection' = 'keep-alive'
[-] Trapped javax.crypto.BadPaddingException during RSA decrypt [HTTP session handler]: Decryption error
javax.crypto.BadPaddingException: Decryption error
at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:379)
at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:290)
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:365)
at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391)
at javax.crypto.Cipher.doFinal(Cipher.java:2168)
at dns.AsymmetricCrypto.decrypt(Unknown Source)
at beacon.BeaconC2.process_beacon_metadata(Unknown Source)
at beacon.BeaconHTTP$GetHandler.serve(Unknown Source)
at c2profile.MalleableHook.serve(Unknown Source)
at cloudstrike.WebServer._serve(WebServer.java:232)
at cloudstrike.WebServer.serve(WebServer.java:213)
at cloudstrike.NanoHTTPD$HTTPSession.run(NanoHTTPD.java:372)
at java.lang.Thread.run(Thread.java:748)
[-] decrypt of metadata failed`
The text was updated successfully, but these errors were encountered: