Metasploit mailing list archives
more testing
From: David Kennedy <kennedyd013 () gmail com>
Date: Sun, 20 Jun 2010 01:38:14 -0400
Been doing some more testing with Mubix (thanks man!) all of the x64 bit payloads seem to be affected through mssql_payload and psexec (looks like any upload like payloads). Using other methods aside from cmdstager are still not functioning correctly. Strangely enough Mubix has them working on a Windows 7 x64 (non VMWare) and my Windows 7 x64 (VMWare) does not work, wondering if its a VMWare specific issue? Also tried on Server 2008 x64 (vmware) and two separate servers with the same results. All x86 based payloads work without a hitch. Here's what I've tested. windows/x64/meterpreter/bind_tcp - not working windows/x64/meterpreter/reverse_tcp - not working windows/meterpreter/bind_tcp - working windows/meterpreter/reverse_tcp - working windows/x64/shell/reverse_tcp - not working windows/x64/shell/bind_tcp - not working windows/x64/shell_reverse_tcp - not working Thought maybe since all of them appear to use Msf::Util::EXE.to_win32pe(framework,payload.encoded) it may be getting encoded with a x86 based encoder and corrupting the binary? I'll test this off tomorrow just a complete guess.
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- more testing David Kennedy (Jun 19)
- Re: more testing Stephen Fewer (Jun 20)