u915

Daniel Cano Merchán - Hacking & Tech

Veil Kali Linux: Unable to create output file, wine is not owned by you

2020-09-15 #Hacking

This post is a temporal fix for the framework Veil on Kali Linux.

Veil-Evasion is a framework used to generate metasploit payloads that can bypass old AVs and other defenses. It is outdated and is strange that can bypass modern AVs but sometimes can be useful for CTFs and outdated software.

Note: This solution worked for me but maybe you need to do something more, take this post with caution.

Original error:


425 INFO: PyInstaller: 3.2.1
425 INFO: Python: 3.4.4
425 INFO: Platform: Windows-7-6.1.7601-SP1
Traceback (most recent call last):
File "/var/lib/veil/PyInstaller-3.2.1//pyinstaller.py", line 15, in <module>
run()
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\__main__.py", line 88, in run
spec_file = run_makespec(**vars(args))
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\__main__.py", line 40, in run_makespec
spec_file = PyInstaller.building.makespec.main(filenames, **opts)
File "Z:\var\lib\veil\PyInstaller-3.2.1\PyInstaller\building\makespec.py", line 372, in main
specfile = open(specfnm, 'w')
PermissionError: [Errno 13] Permission denied: 'Z:\\usr\\share\\veil\\evil3.spec'
===============================================================================
	                           Veil-Evasion
===============================================================================
      [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================

 [!] ERROR: Unable to create output file.
 [*] Source code written to: /var/lib/veil/output/source/evil3.py
 [*] Metasploit Resource file written to: /var/lib/veil/output/handlers/evil3.rc

This happend because the permission is denied on the default path, used by Wine:

Z:\\usr\\share\\veil\\*

So after that I tried to use sudo / root to launch Veil but I get the error:

wine: /var/lib/veil/wine is not owned by you

I was dissapointed, because in the past I had problems compiling .exe exploits inside Kali Linux but this time seems to work.

I reinstalled all again:

/usr/share/veil/config/setup.sh --force --silent

Changed the Veil Wine owner:

sudo chown root:root -R /var/lib/veil/wine

After that, all was working fine:


14541 INFO: Building EXE from out00-EXE.toc completed successfully.
===============================================================================
                           Veil-Evasion
===============================================================================
[Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework
===============================================================================

[*] Language: python
[*] Payload Module: python/meterpreter/rev_http
[*] Executable written to: /var/lib/veil/output/compiled/tooEvil.exe
[*] Source code written to: /var/lib/veil/output/source/tooEvil.py
[*] Metasploit Resource file written to: /var/lib/veil/output/handlers/tooEvil.rc

Hit enter to continue...

Maybe when Veil was designed, it was build taking in consideration that Kali Linux worked with root by default and now there is a low privileged account running by default.

Thanks for reading.