Missing payloads in Caldera 5.0.0

[mgonzcast]

I have followed the instructions and as some people have reported, Caldera 5.0.0 is missing the payloads for m64, rubeus.exe, ryuk.exe and dumpWebBrowserCreds.exe.

I can't find any reference of these downloads in the download_payloads.sh script.

When Caldera is started it complaints about the missing payloads:

2024-12-10 06:11:58 WARNING Payload referenced in data_svc.py:469 3de63509-4171-488f-8938-ce346677 a5a6 but not found: rubeus.exe 2024-12-10 06:12:07 WARNING Payload referenced in data_svc.py:469 f96e8195-8b0f-4b87-bdce-748dfda2 861f but not found: m64.exe WARNING Payload referenced in data_svc.py:469 98279c81-d5a0-4ec4-9d40-a6e87d1f 9bd2 but not found: m64.exe WARNING Missing required field in data_svc.py:458 ability 690e889f-5844-473e-98c5-c90c9f17 72dc: description 2024-12-10 06:12:08 WARNING Payload referenced in data_svc.py:469 b8ad9654-80a1-4fde-b2d4-c0de7648 621c but not found: ryuk.exe WARNING Payload referenced in data_svc.py:469 9a438a2a-c95b-4fd2-a29f-8b1250fc 3adc but not found: dumpWebBrowserCreds.exe

I find many references in the issues in github about those missing payloads since 2021. I have tried to locate samples of those payloads on the Internet. I.e.: I have downloaded the rubeus.exe from here https://github.com/r3motecontrol/Ghostpack-CompiledBinaries/blob/master/Rubeus.exe and It doesn't complain from that missing package. Where can I find the other 3 missing?

[mgonzcast]

anyone? Maybe @elegantmoose can give me an answer? This is between a question and a bug