[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 237
  • Last Modified:

metasploit payload

Experts,

I am practicing offensive security.  Since the payload in a reverse TCP shell is an EXE, any antivirus is going to catch it.  Is there a way to generate the same type of payload that is not an EXE file?
0
trojan81
Asked:
trojan81
  • 2
  • 2
1 Solution
 
btanExec ConsultantCommented:
first most, I do caution that diligence and care is taken for such exercises and I believe the experts' sharing do not advocate the teaching for ill intent. Such use case should be just form of testing within controlled environment and with proper owner authorisation given. This has to be an informed testing or trial with legitimate notice and approval too as a whole please.

This link has the run through (see the different Payload in their option table). Specifically, the payload can be exe or bin delivered, the ammunition is in the shellcode which can also leverage a stager for  a small initial entry with actual larger payload injected subsequently.  http://help.metasploit.com/Content/22-payloads/payload-generator.html

Looking at below for a quick summary that msfpayload command accepts:
    Output Types:
    S summary and options of payload
    C C language
    P Perl
    y Ruby
    R Raw, allows payload to be piped into msfencode and other tools
    J JavaScript
    X Windows executable
    V VBA

Sidenote - Eventually most are still exe though the packaging differs like in the case of using Veil toolkit (looking into python driven payload delivery) -  https://www.christophertruncer.com/veil-a-payload-generator-to-bypass-antivirus/
0
 
trojan81Author Commented:
btan,

Is the info displayed from this site only accessible from metasploit pro?
http://help.metasploit.com/Content/22-payloads/payload-generator.html

I don't have pro. I just have the free version that comes with kali Linux.  

On a side note, I am not attacking anybody. All of the testing is done on my own lab networks for education purposes.
0
 
btanExec ConsultantCommented:
Thanks for clarifying the intent of the testing.
Yes for Pro if using dynamic payloads are exclusive to Metasploit Pro.
The Payload Generator with Classic Payloads is available in the free Metasploit Community Edition as well as the commercial editions Metasploit Express and Metasploit Pro. Dynamic Payloads can also be downloaded as stand-alone executables and are exclusive to Metasploit Pro.
https://community.rapid7.com/community/metasploit/blog/2014/03/26/new-metasploit-49-helps-evade-anti-virus-solutions-test-network-segmentation-and-increase-productivity-for-penetration-testers

However, if you check out the output option ""Choose from the following formats: executable, raw bytes, or shellcode buffer." that should still be available for all MS build.
0
 
trojan81Author Commented:
thank you
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now