Metasploit mailing list archives
Re: Issues with x64 based payloads
From: David Kennedy <kennedyd013 () gmail com>
Date: Sun, 20 Jun 2010 22:08:40 -0400
Awesome thanks!

On Sun, Jun 20, 2010 at 2:44 PM, Joshua J. Drake <jdrake () metasploit com> wrote:

> On Sat, Jun 19, 2010 at 11:37:43PM -0400, David Kennedy wrote:
> > Anyone experiencing issues when using mssql_payload via a x64 based system?
> > It worked fine about two weeks ago however it appears something may have changed. Example below tested on a server 2008 x64:
>
> David,
>
> The scripts/shell/spawn_meterpreter.rb script uses a hardcoded payload handler of windows/meterpreter/reverse_tcp, which will always use an x86 second stage. If you edit the payload used inside that script, it should work. In the future we'll work out a better way of handling this, but this should get it working in a pinch.
>
> Oops, just realized that is completely unrelated here too hehehe..
>
> mssql_payload as well as some other stuff uses the CmdStager mixins which in turn use the Msf::Exploit::EXE mixin to generate an executable. The psexec module doesn't use this stuff, but as was said elsewhere uses an explicit to_win32pe_service call inside Msf::Util::EXE ..
>
> For the CmdStager (mssql_payload), etc you can set the EXETEMPLATE variable to "data/templates/template_x64_windows.exe". That should fix it.
>
> Since psexec doesn't use the Msf::Exploit::EXE mixin it won't work for that one. We will need some more code changes, likely moving it to use the Msf::Exploit::EXE mixin..
>
> In all cases, automatically detecting that the target is x64 is tricky. We'll have to look further into doing that..
>
> PS. Always make sure your handler and your payload match, otherwise you could get strange crashes when staging happens.
>
> --
> Joshua J. Drake