.

using code from Metasploit

<<

wlandymore

Newbie
Newbie

Posts: 34

Joined: Thu Mar 15, 2012 9:48 am

Post Mon Mar 19, 2012 2:03 pm

using code from Metasploit

I'm just trying to use the code that I've got from Metasploit and wondering how I compile it basically. I'm using the /linux/x86/chmod payload and then I set the options and then entered 'generate'. It spits back the code but do I then take this and make my own file to compile or can it be run from within the console somehow.

Sorry, new to Metasploit. :)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Mar 19, 2012 3:26 pm

Re: using code from Metasploit

I'm assuming you're referring to having generated shellcode, is that correct?  If so, that is shellcode to be used with an existing exploit, by inserting your code into it, in place of other, existing shellcode, in the POC or example exploit.

Conversely, in some cases, you can also have it generate executables for a given platform.  I don't have my metasploit handy, to see what you're working with, to give more detail, right the moment.  But basically, you'd need to either do as I mentioned, above, or pick a different exploit, that generates a working executable, and use that payload code with it.
Last edited by hayabusa on Mon Mar 19, 2012 3:28 pm, edited 1 time in total.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Mar 19, 2012 3:30 pm

Re: using code from Metasploit

See, for instance, the notes on 'Custom Executables', at:

http://www.scriptjunkie.us/2011/08/cust ... asploit-4/

Specifically, the link, therein, to:

http://www.scriptjunkie.us/2011/04/why- ... ates-exes/

<Edit again, sorry>
Note - I know this talks of exe's, but the same concept applies to unix-based executables, etc.  You just need the proper arguments/methods.  Here is an example of Linux executable, from Metasploit Unleashed:

http://www.offensive-security.com/metas ... nux_Trojan
Last edited by hayabusa on Mon Mar 19, 2012 3:36 pm, edited 1 time in total.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

wlandymore

Newbie
Newbie

Posts: 34

Joined: Thu Mar 15, 2012 9:48 am

Post Tue Mar 20, 2012 10:34 am

Re: using code from Metasploit

yeah, I generated the shellcode. I put it in in a generic script and then tried to compile it but it failed. However, it may not have been exactly what I needed to make it run. I was trying to use the chmod shellcode but I haven't really done this stuff before so I'm being baptized by fire. :)

I'll read through all of those and see if I can make sense of it.

Thanks.
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Tue Mar 20, 2012 12:49 pm

Re: using code from Metasploit

No worries.  If you get through those, and are still having trouble, drop me a PM on here, and I'll try to help you figure out your issue.

(But please try to figure it out, first...  Makes the learning more valuable to you, as you work through things)

;)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

wlandymore

Newbie
Newbie

Posts: 34

Joined: Thu Mar 15, 2012 9:48 am

Post Tue Mar 20, 2012 1:19 pm

Re: using code from Metasploit

sure...I understand.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software