Metasploit mailing list archives

Delivering Linux Meterpreter via command injection

From: northern monkee <dave () northern-monkee co uk>
Date: Thu, 22 Mar 2012 15:06:51 +0000

I have three exploit modules written for SAP that exploit arbitrary command executions in order to deliver a Windows 
meterpreter payload.
 
I'm making use of Msf::Exploit::CmdStagerVBS and Msf::Exploit::EXE mixins to achieve this.
 
I basically looked through exploits already in MSF and figured out how they were doing it and ripped the code for my 
own purposes.
 
I'm struggling to find Linux examples, anyone tried this? point me at some existing code to speed things up?
 
I basically want to deliver the Linux meterpreter reverse TCP payload via an arbitrary command injection vulnerability.
 
The space I have is limited, so the stager is required.
 
Cheers

email:    dave () northern-monkee co uk
skype:   n-monkee
ichat:     nmonkee.mac.com
web:      www.northern-monkee.co.uk
bus:       www.linkedin.com/in/nmonkee
twitter:   www.twitter.com/nmonkee




_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

Delivering Linux Meterpreter via command injection northern monkee (Mar 22)
- Re: Delivering Linux Meterpreter via command injection egypt (Mar 22)