Re: Issues with x64 based payloads

[David Kennedy <kennedyd013 () gmail com>]

Awesome thanks!

On Sun, Jun 20, 2010 at 2:44 PM, Joshua J. Drake <jdrake () metasploit com>wrote:

> On Sat, Jun 19, 2010 at 11:37:43PM -0400, David Kennedy wrote:
> > Anyone experiencing issues when using mssql_payload via a x64 based
> system?
> > It worked fine about two weeks ago however it appears something may have
> > changed. Example below tested on a server 2008 x64:
>
> David,
>
> The scripts/shell/spawn_meterpreter.rb script uses a hardcoded payload
> handler of windows/meterpreter/reverse_tcp, which will always use an
> x86 second stage.  If you edit the payload used inside that script, it
> should work.
>
> In the future we'll work out a better way of handling this, but this
> should get it working in a pinch. Oops, just realized that is
> completely unrelated here too hehehe..
>
> mssql_payload as well as some other stuff uses the CmdStager mixins
> which in turn use the Msf::Exploit::EXE mixin to generate an executable.
> The psexec module doesn't use this stuff, but as was said elsewhere
> uses an explicit to_win32pe_service call inside Msf::Util::EXE ..
>
> For the CmdStager (mssql_payload), etc you can set the EXETEMPLATE
> variable to "data/templates/template_x64_windows.exe". That should fix
> it.
>
> Since psexec doesn't use the Msf::Exploit:EXE mixin it won't work for
> that one. We will need some more code changes, likely moving it to use
> the Msf::Exploit::EXE mixin..
>
> In all cases, automatically detecting that the target is x64 is
> tricky. We'll have to look further into doing that..
>
> PS. Always make sure your handler and your payload match, otherwise
> you could get strange crashes when staging happens.
>
> --
> Joshua J. Drake
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework