Re: Meterpreter x64 Payload

[northern monkee <dave () northern-monkee co uk>]

Solved apologies for being lame.

x64 payload would not encode because of bad chars in my array.

I also had my LHOST in a non routable network.


On 19 Mar 2012, at 11:24, northern monkee wrote:

> I did check here first also 
> http://en.wikibooks.org/wiki/Metasploit/Frequently_Asked_Questions#Exploit_failed:_No_encoders_encoded_the_buffer_successfully.
>
> And tried this payload, but I get the same error "Exploit failed: No encoders encoded the buffer successfully."
>
> On 19 Mar 2012, at 10:52, northern monkee wrote:
>
> > So I'm working on an exploit module for an arbitrary command injection vulnerability within an SAP RFC.
> >
> > I have a working Auxiliary module and I'm now trying to craft this into a module that can be used to return a 
> > Meterpreter session.
> >
> > The target platform I am working on is Windows 2008 server.
> >
> > I've pretty much just re-purposed the following exploit module 
> > http://dev.metasploit.com/redmine/projects/framework/repository/revisions/master/entry/modules/exploits/windows/http/sap_mgmt_con_osexec_payload.rb.
> >
> > If I set the payload to be windows/x64/meterpreter/bind_tcp I get the following error "Exploit failed: No encoders 
> > encoded the buffer successfully."
> >
> > If I set the payload to be windows/meterpreter/reverse_tcp, I get the following error:
> >
> > [*] Command Stager progress - 100.00% done (10565/10565 bytes)
> > [-] Exploit exception: wrong number of arguments (0 for 1)
> > [*] Exploit completed, but no session was created.
> >
> > When checking the file system the resulting EXE is not compatible with x64.
> >
> > I found the following http://mail.metasploit.com/pipermail/framework/2010-June/006437.html and this suggests that 
> > the mixins I am using "Msf::Exploit::CmdStagerVBS" and "Msf::Exploit::EXE" may be incompatible, without some 
> > fudging, with x64 systems?
> >
> > Any pointers would be appreciated, I've checked the dev guide and API guide, nothing jumps out at me and Google 
> > hasn't shown me much love.
> >
> > Cheers
> >
> > Dave
> >
> > email:    dave () northern-monkee co uk
> > skype:   n-monkee
> > ichat:     nmonkee.mac.com
> > web:      www.northern-monkee.co.uk
> > bus:       www.linkedin.com/in/nmonkee
> > twitter:   www.twitter.com/nmonkee
> >
> >
> >
> >
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
> email:    dave () northern-monkee co uk
> skype:   n-monkee
> ichat:     nmonkee.mac.com
> web:      www.northern-monkee.co.uk
> bus:       www.linkedin.com/in/nmonkee
> twitter:   www.twitter.com/nmonkee

email:    dave () northern-monkee co uk
skype:   n-monkee
ichat:     nmonkee.mac.com
web:      www.northern-monkee.co.uk
bus:       www.linkedin.com/in/nmonkee
twitter:   www.twitter.com/nmonkee




_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework