Solved

metasploit payload

Posted on 2015-02-19
Last Modified: 2015-03-01
Experts,

I am practicing offensive security.  Since the payload in a reverse TCP shell is an EXE, any antivirus is going to catch it.  Is there a way to generate the same type of payload that is not an EXE file?
Question by:trojan81
4 Comments
 
LVL 61

Expert Comment

by:btan
First and foremost, I do caution that diligence and care be taken for such exercises, and I believe the experts' sharing does not advocate teaching for ill intent. Such a use case should be just a form of testing within a controlled environment and with proper owner authorisation given. This has to be informed testing or a trial with legitimate notice and approval too, as a whole, please.

This link has the run-through (see the different payloads in their option table). Specifically, the payload can be delivered as an exe or bin; the ammunition is in the shellcode, which can also leverage a stager for a small initial entry, with the actual larger payload injected subsequently. http://help.metasploit.com/Content/22-payloads/payload-generator.html

See below for a quick summary of the output types that the msfpayload command accepts:
    Output Types:
    S summary and options of payload
    C C language
    P Perl
    y Ruby
    R Raw, allows payload to be piped into msfencode and other tools
    J JavaScript
    X Windows executable
    V VBA

Side note - Eventually most are still exe, though the packaging differs, as in the case of using the Veil toolkit (looking into Python-driven payload delivery) - https://www.christophertruncer.com/veil-a-payload-generator-to-bypass-antivirus/
 

Author Comment

by:trojan81
btan,

Is the info displayed on this site only accessible from Metasploit Pro?
http://help.metasploit.com/Content/22-payloads/payload-generator.html

I don't have Pro. I just have the free version that comes with Kali Linux.

On a side note, I am not attacking anybody. All of the testing is done on my own lab networks for education purposes.
 
LVL 61

Accepted Solution

by:btan (earned 500 total points)
Thanks for clarifying the intent of the testing.
Yes for Pro if using dynamic payloads, which are exclusive to Metasploit Pro.
The Payload Generator with Classic Payloads is available in the free Metasploit Community Edition as well as the commercial editions Metasploit Express and Metasploit Pro. Dynamic Payloads can also be downloaded as stand-alone executables and are exclusive to Metasploit Pro.
https://community.rapid7.com/community/metasploit/blog/2014/03/26/new-metasploit-49-helps-evade-anti-virus-solutions-test-network-segmentation-and-increase-productivity-for-penetration-testers

However, if you check out the output option "Choose from the following formats: executable, raw bytes, or shellcode buffer.", that should still be available for all MS build.
 

Author Closing Comment

by:trojan81
Thank you