Guest Posted November 18, 2015 Posted November 18, 2015 I'm trying to use Msfvenom to generate a reverse payload for my Raspberry Pi 2 to connect back to me but none of the combinations I've tried have worked and I can't find any example of this by searching. Quote
cooper Posted November 18, 2015 Posted November 18, 2015 The smart thing to do at this point is to state just what parameters you're providing to msfvenom and how the other side is responding when you supply the payload. Does the remote service crash? Log an error? Anything? Quote
Guest Posted November 18, 2015 Posted November 18, 2015 (edited) The smart thing to do at this point is to state just what parameters you're providing to msfvenom and how the other side is responding when you supply the payload. Does the remote service crash? Log an error? Anything? I'm not doing anything with remote attacks as I'm just trying to get them to run client side. Payloads I've tried without success include generic/shell_reverse_tcp, linux/armle/shell/reverse_tcp, python/shell_reverse_tcp, cmd/unix/reverse_python so I'm wondering if you can tell me a payload combination that's known to work on the Pi. Edited November 18, 2015 by No Name Quote
cooper Posted November 18, 2015 Posted November 18, 2015 I can't. But maybe you can follow my advice and answer my question? I don't regularly dabble with metasploit but I have a nice stack of ARM machines so I could during some off-time try to throw some commands at it, but I'm not going to start from scratch while you sit back with your legs on the table, drinking coffee. Quote
Guest Posted November 18, 2015 Posted November 18, 2015 I can't. But maybe you can follow my advice and answer my question? I don't regularly dabble with metasploit but I have a nice stack of ARM machines so I could during some off-time try to throw some commands at it, but I'm not going to start from scratch while you sit back with your legs on the table, drinking coffee. Surely I can't be the first one to think of Metasploit payloads for the Raspberry Pi but all the links I've found by search only talks about running Metasploit framework on the Pi. Quote
i8igmac Posted November 18, 2015 Posted November 18, 2015 (edited) I would guess linux/x86/ or cmd/unix/bash What is the installed operating system? raspbian? perl, python, ruby, php, java... are any of these installed? Edited November 18, 2015 by i8igmac Quote
Guest Posted November 20, 2015 Posted November 20, 2015 I think I found my problem of trying to generate a compatible ELF payload instead of a language specific one. Python seems to be the most reliable but that then also introduces the issue of it automatically daemonizing instead of running in the foreground. Quote
cooper Posted November 20, 2015 Posted November 20, 2015 I would guess linux/x86/ or cmd/unix/bash What is the installed operating system? raspbian? perl, python, ruby, php, java... are any of these installed? A Pi is an ARM box and, depending on the version of the Pi, an ARMv6 or an ARMv7. v7 code potentially doesn't run on a v6 core because on its expanded instruction set. Quote
Guest Posted November 22, 2015 Posted November 22, 2015 Due to the payload automatically daemonizing itself, I ended up using a Bash wrapper to run it as a Systemd service. Quote
cooper Posted November 23, 2015 Posted November 23, 2015 I'm just going to point this out again: Because you provide *nothing* about... - what you were doing - how you were doing it - what the problem was you were seeing - how you decided on things to try to fix it - which of those eventually worked the next time someone runs into a similar situation (s)he'll be as in the dark as you were previously. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.