[prev in list] [next in list] [prev in thread] [next in thread] 

List:       metasploit-framework
Subject:    Re: [framework] Dynamically Generated Final Stages
From:       Philip Sanderson <philip.k.sanderson () gmail ! com>
Date:       2010-08-31 7:42:26
Message-ID: AANLkTikO21TiPUjE0Ncu3fptZo-Qpd2F_vaGNsagdUQZ () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hello,

http://github.com/philip-k-sanderson/metasploit-posix-meterpreter/blob/d03535944aceb46da04b264feffb02e5473a5c8e/modules/payloads/stages/linux/x86/meterpreter.rb


(used in linux/x86/meterpreter/reverse_tcp. first it does reverse_tcp, then
the middle stager, then finally sends a file to remote host)

<http://github.com/philip-k-sanderson/metasploit-posix-meterpreter/blob/d03535944aceb4 \
6da04b264feffb02e5473a5c8e/modules/payloads/stages/linux/x86/meterpreter.rb>generate_stage
 to get the final / last stage. handle_intermediate_payload() to send a
payload before final one.

does that answer your question ?

On Fri, Aug 27, 2010 at 8:13 AM, Ty Miller <tyronmiller@gmail.com> wrote:

> Hey guys,
> 
> When writing staged shellcode for metasploit, how do you get the final
> stage that was selected by the user (eg, meterpreter or shell or bind, etc)
> to be dynamically included within the module or handler?
> 
> For example, say that a user selects the payload
> "windows/meterpreter/awesome_payload" then the meterpreter stage needs to be
> dynamically generated and used by the handler to tunnel it through to the
> compromised host (or soon to be compromised host). But if the user selects
> the payload "windows/shell/awesome_payload" then the shell stage needs to be
> dynamically generated and passed to the compromised host via the handler.
> 
> Do I need to use msfpayload within the handler or something?
> 
> Thanks,
> Ty
> 
> 
> 
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
> 
> 


[Attachment #5 (text/html)]

Hello,<div><br></div><div><a \
href="http://github.com/philip-k-sanderson/metasploit-posix-meterpreter/blob/d03535944 \
aceb46da04b264feffb02e5473a5c8e/modules/payloads/stages/linux/x86/meterpreter.rb">http \
://github.com/philip-k-sanderson/metasploit-posix-meterpreter/blob/d03535944aceb46da04b264feffb02e5473a5c8e/modules/payloads/stages/linux/x86/meterpreter.rb</a></div>
 <div><br></div><div>(used in linux/x86/meterpreter/reverse_tcp. first it does \
reverse_tcp, then the middle stager, then finally sends a file to remote \
host)</div><div><br></div><div><a \
href="http://github.com/philip-k-sanderson/metasploit-posix-meterpreter/blob/d03535944 \
aceb46da04b264feffb02e5473a5c8e/modules/payloads/stages/linux/x86/meterpreter.rb"></a>generate_stage \
to get the final / last stage. handle_intermediate_payload() to send a payload before \
final one. </div> <div><br></div><div>does that answer your question \
?</div><div><br><div class="gmail_quote">On Fri, Aug 27, 2010 at 8:13 AM, Ty Miller \
<span dir="ltr">&lt;<a \
href="mailto:tyronmiller@gmail.com">tyronmiller@gmail.com</a>&gt;</span> wrote:<br> \
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex;">Hey guys,<br><br>When writing staged shellcode for \
metasploit, how do you get the final stage that was selected by the user (eg, \
meterpreter or shell or bind, etc) to be dynamically included within the module or \
handler?<br>

<br>For example, say that a user selects the payload \
&quot;windows/meterpreter/awesome_payload&quot; then the meterpreter stage needs to \
be dynamically generated and used by the handler to tunnel it through to the \
compromised host (or soon to be compromised host). But if the user selects the \
payload &quot;windows/shell/awesome_payload&quot; then the shell stage needs to be \
dynamically generated and passed to the compromised host via the handler.<br>

<br>Do I need to use msfpayload within the handler or \
something?<br><br>Thanks,<br><font color="#888888">Ty<br><br><br> \
</font><br>_______________________________________________<br> <a \
href="https://mail.metasploit.com/mailman/listinfo/framework" \
target="_blank">https://mail.metasploit.com/mailman/listinfo/framework</a><br> \
<br></blockquote></div><br></div>



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic