TeCHemically Posted October 4, 2013

I would like to know if there is a way to generate random exe templates for injecting custom shellcode into; just like msf pro does. Is there a manual way to do this? If not, where can I find the information I will need to write my own? I am not a programmer so this will need to be VERY good instruction for me to be able to follow. I am willing to learn but I am very inexperienced here. I basically need to be able to create my own custom/random exe template then know how to add the custom shellcode into it that is created by msfvenom's output so that it runs. Thanks to all who help!

TeCHemically Posted October 4, 2013

scriptjunkie detailed this type of thing in an article on his site called "Why Encoding Does not Matter and How Metasploit Generates EXEs". So, should I attempt to modify an existing exe or is it simpler to create my own for this purpose?

Xcellerator Posted October 4, 2013

Well, AV evasion can be a tricky thing. Binary dropping should tend to be your last resort as far as gaining remote access goes. And even then, it's best to work out more creative ways. For example, imagine a binary that simply called powershell with the Invoke-Shellcode function from Powersploit? Similar to what I did here: https://forums.hak5.org/index.php?/topic/30398-payload-the-fastest-meterpreter-shell-youll-ever-get/

Or a VBS script that emulates the keyboard (essentially a software version of the Ducky). Or even better, a remote exploit (psexec, ms08_067_netapi and jmxbean tend to be good in metasploit)...

Code execution always requires a bit of imagination...