Metasploit mailing list archives
making your own payload
From: hdm at metasploit.com (H D Moore)
Date: Tue, 6 Dec 2005 10:32:12 -0600
On Tuesday 06 December 2005 10:24, pagvac wrote:
> This executable automates many tasks that I usually do on the target machines after compromising them when doing penetration testing.

This is an executable, not a written-in-assembler payload? In that case, you will need to upload and execute it using another payload (such as Meterpreter).

> The problem is that I have no idea on how to remove all the nulls (0x00) so that the exploit doesn't break.

Assuming this is a payload and not an executable, you do not need to worry about null bytes. The framework automatically encodes the payload for you, based on the BadChars field defined in the exploit module you use.

> I'd like to have some references on documentation/tools that can help me create this payload and successfully run it with metasploit on existing exploit modules.

Great, us too :-) If you are talking about a standalone executable, this is not a 'payload' in the sense of the framework, but you can use or write a payload to upload and execute it (and maybe even handle the connection side for you, etc).

> Question: are all payloads compatible with metasploit? In other words, can I get a shellcode from an external resource and use it successfully with metasploit?

The short answer is no. You can take almost any payload, stick it into a payload module, and inject it into the remote target process with the correct exploit. The problem is that most payloads need what we call a "handler" -- if it's a bind shell, you need to connect to the shell and then read from the console and send the commands down the socket. If the payload you want to use has a standard connection method (bind, reverse connect, etc), you should be all set, just use one of the related payloads as a template. If the payload needs some crazy protocol for communication, or doesn't establish a connection, then it will still run on the remote system, but you would need to figure out the interaction part by yourself (and possibly write handler code for it).

Hope this helps,
-HD
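The distinction HD draws above (a raw payload that the framework encodes against the exploit's BadChars list, versus a compiled executable full of null bytes that must be delivered by some other payload) is easy to see by auditing a byte blob against a bad-character list. The following Python script is an added example, not code from the thread or from the Metasploit Framework; both sample blobs and the bad-character list are constructed here for illustration, and the function names are my own.

```python
"""Audit a candidate byte blob against an exploit module's bad-character list.

Added example, not part of the mailing-list thread or of the Metasploit
Framework. The blobs and the bad-character list below are constructed
for illustration only.
"""

# A constructed bad-character list of the kind an exploit module's
# BadChars field carries: NUL plus CR/LF, which string- and line-based
# parsers commonly truncate on.
COMMON_BADCHARS = b"\x00\x0a\x0d"

# Constructed stand-in for the first bytes of a PE executable: the "MZ"
# magic followed by header fields that are naturally full of nulls.
CONSTRUCTED_EXE = b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00"

# Constructed stand-in for a small raw blob (it is just the byte values
# 0x01..0x1f, not shellcode) that happens to contain CR and LF.
CONSTRUCTED_BLOB = bytes(range(0x01, 0x20))

PE_MAGIC = b"MZ"


def find_bad_chars(blob: bytes, badchars: bytes) -> dict:
    """Map each bad byte found in blob to the list of offsets where it occurs."""
    hits = {}
    for offset, value in enumerate(blob):
        if value in badchars:
            hits.setdefault(value, []).append(offset)
    return hits


def is_pe_executable(blob: bytes) -> bool:
    """True if the blob starts with the DOS/PE 'MZ' magic, i.e. it is a program
    to be uploaded and run, not a position-independent payload."""
    return blob[:2] == PE_MAGIC


def audit(blob: bytes, badchars: bytes) -> dict:
    """Summarise whether a blob could be injected as-is under the given BadChars."""
    hits = find_bad_chars(blob, badchars)
    return {
        "is_executable": is_pe_executable(blob),
        "bad_byte_count": sum(len(offsets) for offsets in hits.values()),
        "bad_bytes": sorted(hits),
        "clean": not hits,
    }


if __name__ == "__main__":
    for name, blob in (("exe", CONSTRUCTED_EXE), ("blob", CONSTRUCTED_BLOB)):
        report = audit(blob, COMMON_BADCHARS)
        print(name, report)
        for value, offsets in sorted(find_bad_chars(blob, COMMON_BADCHARS).items()):
            print(f"  0x{value:02x} at offsets {offsets}")
```

The executable stand-in fails the check on nulls alone, which is why it cannot simply be pasted into a payload module: the framework's encoders operate on payload modules, and an uploaded program is delivered by a payload rather than being one. The raw blob fails only on CR and LF, the kind of defect the framework's automatic encoding removes when the exploit module declares those bytes in BadChars.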