[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

metasploit payload

Posted on 2015-02-19
4
Medium Priority
?
255 Views
Last Modified: 2015-03-01
Experts,

I am practicing offensive security.  Since the payload in a reverse TCP shell is an EXE, any antivirus is going to catch it.  Is there a way to generate the same type of payload that is not an EXE file?
0
Comment
Question by:trojan81
  • 2
  • 2
4 Comments
 
LVL 66

Expert Comment

by:btan
ID: 40621113
first most, I do caution that diligence and care is taken for such exercises and I believe the experts' sharing do not advocate the teaching for ill intent. Such use case should be just form of testing within controlled environment and with proper owner authorisation given. This has to be an informed testing or trial with legitimate notice and approval too as a whole please.

This link has the run through (see the different Payload in their option table). Specifically, the payload can be exe or bin delivered, the ammunition is in the shellcode which can also leverage a stager for  a small initial entry with actual larger payload injected subsequently.  http://help.metasploit.com/Content/22-payloads/payload-generator.html

Looking at below for a quick summary that msfpayload command accepts:
    Output Types:
    S summary and options of payload
    C C language
    P Perl
    y Ruby
    R Raw, allows payload to be piped into msfencode and other tools
    J JavaScript
    X Windows executable
    V VBA

Sidenote - Eventually most are still exe though the packaging differs like in the case of using Veil toolkit (looking into python driven payload delivery) -  https://www.christophertruncer.com/veil-a-payload-generator-to-bypass-antivirus/
0
 

Author Comment

by:trojan81
ID: 40625110
btan,

Is the info displayed from this site only accessible from metasploit pro?
http://help.metasploit.com/Content/22-payloads/payload-generator.html

I don't have pro. I just have the free version that comes with kali Linux.  

On a side note, I am not attacking anybody. All of the testing is done on my own lab networks for education purposes.
0
 
LVL 66

Accepted Solution

by:
btan earned 2000 total points
ID: 40625230
Thanks for clarifying the intent of the testing.
Yes for Pro if using dynamic payloads are exclusive to Metasploit Pro.
The Payload Generator with Classic Payloads is available in the free Metasploit Community Edition as well as the commercial editions Metasploit Express and Metasploit Pro. Dynamic Payloads can also be downloaded as stand-alone executables and are exclusive to Metasploit Pro.
https://community.rapid7.com/community/metasploit/blog/2014/03/26/new-metasploit-49-helps-evade-anti-virus-solutions-test-network-segmentation-and-increase-productivity-for-penetration-testers

However, if you check out the output option ""Choose from the following formats: executable, raw bytes, or shellcode buffer." that should still be available for all MS build.
0
 

Author Closing Comment

by:trojan81
ID: 40638966
thank you
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There's never been a better time to become a computer scientist. Employment growth in the field is expected to reach 22% overall by 2020, and if you want to get in on the action, it’s a good idea to think about at least minoring in computer science …
Data security in the cloud is very much like a security in an on-premises data center - only without costs for maintaining facilities and computer hardware.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

640 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question