Home page logo

metasploit logo Metasploit mailing list archives

more testing
From: David Kennedy <kennedyd013 () gmail com>
Date: Sun, 20 Jun 2010 01:38:14 -0400

Been doing some more testing with Mubix (thanks man!) all of the x64 bit
payloads seem to be affected through mssql_payload and psexec (looks like
any upload like payloads). Using other methods aside from cmdstager are
still not functioning correctly. Strangely enough Mubix has them working on
a Windows 7 x64 (non VMWare) and my Windows 7 x64 (VMWare) does not work,
wondering if its a VMWare specific issue? Also tried on Server 2008 x64
(vmware) and two separate servers with the same results. All x86 based
payloads work without a hitch. Here's what I've tested.

windows/x64/meterpreter/bind_tcp - not working
windows/x64/meterpreter/reverse_tcp - not working
windows/meterpreter/bind_tcp - working
windows/meterpreter/reverse_tcp - working
windows/x64/shell/reverse_tcp - not working
windows/x64/shell/bind_tcp - not working
windows/x64/shell_reverse_tcp - not working

Thought maybe since all of them appear to use
Msf::Util::EXE.to_win32pe(framework,payload.encoded) it may be getting
encoded with a x86 based encoder and corrupting the binary? I'll test this
off tomorrow just a complete guess.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]