Random Metasploit Question
[Deleted User]
To my fellow Penetration Testers:
I've been wondering this for a while now and was curious if this is already part of the MSF framework. When choosing your payload for a particular exploit (Ex: windows/meterpreter/bind_tcp) the payloads I see have to be a part of the "show payloads" command based on the exploit and if the payload is compatible. AV is something that always flags meterpreter and I usually run my payloads through AV avoidance tools such as shellter. When using an exploit in MSF, I would like to be able to point to my AV avoidance generated payload (so in other words, I want to use a command such as set payload /path/to/av/avoidance/generated/payload instead of windows/meterpreter/bind_tcp). Is this something that is a part of the MSF framework that I am just missing? If this isn't a feature, I would like to submit this to Rapid7 to see if it can be implemented as a future request. Do you all agree? Thanks, enjoy the weekend!
Comments
yoba222 Member Posts: 1,237
Good question. Pretty sure I'll need to know this sometime this year. It looks like using generic/custom would work. Haven't 100% tested this yet.
https://www.rapid7.com/db/modules/payload/generic/custom
A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
[Deleted User] Senior Member Posts: 0
Thanks yoba222!! I didn't know that this was already a part of the framework! I was going to give you rep points but I gave you some already and it won't let me give you more! Thank you for looking into this! This is exactly what I was looking for! Learned something new today! Going to use this for future testing!