Metasploit mailing list archives
Re: cmd/windows/reverse_perl not being executed.
From: "Joshua J. Drake" <jdrake () metasploit com>
Date: Fri, 5 Mar 2010 11:46:44 -0600
On Thu, Mar 04, 2010 at 03:06:07PM -0600, Danux wrote:
Hi, I am using this payload cmd/windows/reverse_perl encoded (150 bytes) since I have only 268 bytes to place my shellcode. But I am not getting any reverse shell, I debugged the process and the shellcode is loaded in memory and decoded without problems.
Danux, The cmd/windows/reverse_perl payload is NOT shellcode. Instead, it is a collection of shell commands that do what shellcode would normally do. The cmd/* payloads are for use with command execution vulnerabilities. If you're tight on space, one of the following should work: 1. Use a different method of placing shellcode in memory 2. Use an ORD payload (usually much smaller) 3. USe the EggHunter mixin
I also install perl in the Windows Vista 32-bit box but still no shell back.
If this were a command execution vuln, and perl was installed, it would still need to be in the target processes path. I suspect this is not your issue currently though. Good luck! -- Joshua J. Drake
Attachment:
_bin
Description:
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- cmd/windows/reverse_perl not being executed. Danux (Mar 04)
- Re: cmd/windows/reverse_perl not being executed. Joshua J. Drake (Mar 05)
- Re: cmd/windows/reverse_perl not being executed. danuxx (Mar 05)
- Re: cmd/windows/reverse_perl not being executed. Joshua J. Drake (Mar 05)