Hi Folks, today I wanna talk about payloads.
Do you remember how difficult was to obtain a good payload to write your own shellcode ?
I remember these very useful links (1),(2),(3). At the beginning was mad: pointers, assembly, decompilers and tools to remove null bytes…. now everything is just EASY thank to metasploit (link is useless, everybody knows where to get it).
So, let’s generate a payload to embed in our source code.
- Select the payload that you like
- Configure it
- Generate the crafted payload
The above picture shows the configuration process that basically means:
- show payloads
- set LHOST
Now comes the fun. Using the command generate you can automatically generate the shellcode on you favorite language such as: ruby, perl, c or raw. Let’s try to generate the payload for a perl script. First of all select the payload that you like (I’m going to use the normal windows/shell/reverse_tcp) then configure it (aka set LHOST) and at the end generate the payload using generate -t perl .
Here it is ! Easy ! 😀
Now, let’s imagine you wanna encode your payload, generate -e is made for you. To show a list of available encoders just type show encoders and then utilize what you like more. Again, thank to metasploit the complicate and time consuming process of making payloads becomes easy and pretty intuitive. Good Job !