Metasploit mailing list archives
Re: Delivering Linux Meterpreter via command injection
From: egypt () metasploit com
Date: Thu, 22 Mar 2012 09:58:31 -0600
There is no Linux command stager at the moment because up to now there hasn't been a need. I've been working on making the post-exploitation shell stuff as portable as possible for the last few days; check out _write_file_unix_shell() lib/msf/core/post/file.rb for some ideas. Hope this helped, egypt On Thu, Mar 22, 2012 at 9:06 AM, northern monkee <dave () northern-monkee co uk> wrote:
I have three exploit modules written for SAP that exploit arbitrary command executions in order to deliver a Windows meterpreter payload. I'm making use of Msf::Exploit::CmdStagerVBS and Msf::Exploit::EXE mixins to achieve this. I basically looked through exploits already in MSF and figured out how they were doing it and ripped the code for my own purposes. I'm struggling to find Linux examples, anyone tried this? point me at some existing code to speed things up? I basically want to deliver the Linux meterpreter reverse TCP payload via an arbitrary command injection vulnerability. The space I have is limited, so the stager is required. Cheers email: dave () northern-monkee co uk skype: n-monkee ichat: nmonkee.mac.com web: www.northern-monkee.co.uk bus: www.linkedin.com/in/nmonkee twitter: www.twitter.com/nmonkee _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Delivering Linux Meterpreter via command injection northern monkee (Mar 22)
- Re: Delivering Linux Meterpreter via command injection egypt (Mar 22)