Posted on 2015-01-22
I have what appears to be a Metasploit reverse TCP payload that someone emailed to me. I opened it on an isolated PC. When I open it with Notepad, the structure appears to resemble a reverse TCP payload that I create through Metasploit.
Everything is encrypted. Is there a tool that I can run this through so that I can see the actual IP address that this was going to phone home to?