Metasploit mailing list archives
Introducing [ultimet] - the ultimate meterpreter executable
From: Sherif El-Deeb <archeldeeb () gmail com>
Date: Sun, 13 Jan 2013 13:46:28 +0300
Please accept my apologies in advance for the Blog Spam. - A tool has been created [ultimet] which is a flexible “meterpreter” stand-alone exe that takes LPORT, LHOST, TRANSPORT and many other options as command line arguments. - It supports “reverse_tcp”, “reverse_http”, “reverse_https” and “reverse_metsvc” ... "bind" transports are planned to be included soon, God willing. - It supports multiple options to include the “stage” as a resource with the exe, or loading it from a file, turning it into a single stage “inline” meterpreter with everything included `out of the box`. - When the stage is included as a resource or loaded from a file in encrypted form, it gets decrypted, patched in memory and executed at runtime. - A tool "ultimet_xor.exe" is included to uniquely encrypt your own metsrv.dll if you so desire. - The exe without the stage (ultimet) is 37kb when UPX'ed -> 95kb normal. - The inline exe with the stage as resource (inmet) is ~480kb UPX'ed -> 850kb normal. More details are (apologies) here http://eldeeb.net/wrdprs/?page_id=156 Source code: Github: https://github.com/SherifEldeeb/inmet/ Bug reports, code contributions...etc. are welcomed and highly appreciated. (P.S: I am not a developer, that's the first usable program I ever do in C/C++ ... so, easy on me regarding the messy code) Best Regards, Sherif Eldeeb. _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Introducing [ultimet] - the ultimate meterpreter executable Sherif El-Deeb (Jan 13)