Metasploit mailing list archives
Re: Meterpreter x64 Payload
From: northern monkee <dave () northern-monkee co uk>
Date: Tue, 20 Mar 2012 15:57:15 +0000
Solved, apologies for being lame. x64 payload would not encode because of bad chars in my array. I also had my LHOST in a non routable network.

On 19 Mar 2012, at 11:24, northern monkee wrote:
I did check here first also http://en.wikibooks.org/wiki/Metasploit/Frequently_Asked_Questions#Exploit_failed:_No_encoders_encoded_the_buffer_successfully. And tried this payload, but I get the same error "Exploit failed: No encoders encoded the buffer successfully."

On 19 Mar 2012, at 10:52, northern monkee wrote:

So I'm working on an exploit module for an arbitrary command injection vulnerability within an SAP RFC. I have a working Auxiliary module and I'm now trying to craft this into a module that can be used to return a Meterpreter session. The target platform I am working on is Windows 2008 server.

I've pretty much just re-purposed the following exploit module http://dev.metasploit.com/redmine/projects/framework/repository/revisions/master/entry/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb.

If I set the payload to be windows/x64/meterpreter/bind_tcp I get the following error "Exploit failed: No encoders encoded the buffer successfully."

If I set the payload to be windows/meterpreter/reverse_tcp, I get the following error:

[*] Command Stager progress - 100.00% done (10565/10565 bytes)
[-] Exploit exception: wrong number of arguments (0 for 1)
[*] Exploit completed, but no session was created.

When checking the file system the resulting EXE is not compatible with x64.

I found the following http://mail.metasploit.com/pipermail/framework/2010-June/006437.html and this suggests that the mixins I am using "Msf::Exploit::CmdStagerVBS" and "Msf::Exploit::EXE" may be incompatible, without some fudging, with x64 systems?

Any pointers would be appreciated, I've checked the dev guide and API guide, nothing jumps out at me and Google hasn't shown me much love.
Cheers
Dave

email: dave () northern-monkee co uk
skype: n-monkee
ichat: nmonkee.mac.com
web: www.northern-monkee.co.uk
bus: www.linkedin.com/in/nmonkee
twitter: www.twitter.com/nmonkee
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Meterpreter x64 Payload northern monkee (Mar 19)
- Re: Meterpreter x64 Payload northern monkee (Mar 19)
- Re: Meterpreter x64 Payload northern monkee (Mar 20)
- Re: Meterpreter x64 Payload northern monkee (Mar 19)