Metasploit mailing list archives
Re: Escape characters
From: danuxx () gmail com
Date: Fri, 1 Apr 2011 07:37:07 +0000
Then, You could try to use msfconsole instead and from there set the Payload options, that will take care of it. Sent via BlackBerry from Danux Network -----Original Message----- From: Eric <dkn4a1 () gmail com> Sender: framework-bounces () spool metasploit com Date: Fri, 1 Apr 2011 12:52:49 To: Jose Selvi<jselvi () pentester es> Cc: <framework () spool metasploit com> Subject: Re: [framework] Escape characters No. I'm not trying to encode the shellcode. Suppose, I want to generate a payload executable with msfpayload for windows/exec payload with parameter CMD=cmd /c start calc & start notepad In this case, obviously I need to escape spaces, \ and & characters, like msfpayload windows/exec CMD=cmd\ \/c\ start\ calc\ \&\ start\ notepad Likewise, which all character I need to escape to make it work perfectly fine? On Fri, Apr 1, 2011 at 12:36 PM, Jose Selvi <jselvi () pentester es> wrote:
MSFEncode is who encode the payload without badchars. Badchars depends on wich vulnerability are you exploiting. Each vulnerability has their own badchars so there isn't a single list of universal badchars. Some of them are quite common like 0x00 (end of string), but I think there isn't any universal list. What vulnerability are you exploiting? Regards. El 01/04/11 08:53, Eric escribió:Hello all, What all special characters should be escaped with msfpayload? I believe< > ; : ' " / ( ) %& Could I find documentation regarding this somewhere? Thanks in advance.-- Jose Selvi. Security Technical Consultant CISA, CISSP, CNAP, GCIH, GPEN http://www.pentester.es SANS Mentor in Madrid (Spain). September 23 - November 25 SEC560: Network Penetration Testing and Ethical Hacking http://www.sans.org/mentor/details.php?nid=24133 http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: Escape characters Jose Selvi (Apr 01)
- Re: Escape characters Eric (Apr 01)
- Re: Escape characters danuxx (Apr 01)
- Re: Escape characters ravindra kalal (Apr 01)
- Re: Escape characters Patrick Webster (Apr 01)
- Re: Escape characters danuxx (Apr 01)
- Re: Escape characters Eric (Apr 01)