Metasploit mailing list archives

more testing


From: David Kennedy <kennedyd013 () gmail com>
Date: Sun, 20 Jun 2010 01:38:14 -0400

Been doing some more testing with Mubix (thanks man!). All of the x64 bit
payloads seem to be affected through mssql_payload and psexec (looks like
any upload-like payloads). Using other methods aside from cmdstager are
still not functioning correctly. Strangely enough, Mubix has them working on
a Windows 7 x64 (non-VMware) and my Windows 7 x64 (VMware) does not work,
wondering if it's a VMware-specific issue? Also tried on Server 2008 x64
(VMware) and two separate servers with the same results. All x86-based
payloads work without a hitch. Here's what I've tested.

windows/x64/meterpreter/bind_tcp - not working
windows/x64/meterpreter/reverse_tcp - not working
windows/meterpreter/bind_tcp - working
windows/meterpreter/reverse_tcp - working
windows/x64/shell/reverse_tcp - not working
windows/x64/shell/bind_tcp - not working
windows/x64/shell_reverse_tcp - not working

Thought maybe since all of them appear to use
Msf::Util::EXE.to_win32pe(framework,payload.encoded) it may be getting
encoded with an x86-based encoder and corrupting the binary? I'll test this
off tomorrow, just a complete guess.