Home
General
Off-Topic
Random Metasploit Question
[Deleted User]
To my fellow Penetration Testers:
I've been wondering this for a while now and was curious if this is already part of the MSF framework. When choosing your payload for a particular exploit (Ex: windows/meterpreter/bind_tcp) the payloads I see have to be a part of the "show payloads" command based on the exploit and if the payload is compatible. AV is something that always flags meterpreter and I usually run my payloads through AV avoidance tools such as shellter. When using an exploit in MSF, I would like to be able to point to my AV avoidance generated payload (so in other words, I want to use a command such as set payload /path/to/av/avoidance/generated/payload instead of windows/meterpreter/bind_tcp). Is this something that is a part of the MSF framework that I am just missing? If this isn't a feature, I would like to submit this to Rapid7 to see if it can be implemented as a future request? Do you all agree? Thanks enjoy the weekend!
Find more posts tagged with
Comments
yoba222
Good question. Pretty sure I'll need to know this sometime this year. It looks like using generic/custom would work. Haven't 100% tested this yet.
https://www.rapid7.com/db/modules/payload/generic/custom
Screenshot_2018-08-04_10-42-04.jpg
[Deleted User]
Thanks yoba222!!
I didn't know that this was already a part of the framework! I was going to give you rep points but I gave you some already and it won't let me give you more! Thank you for looking into this! This is exactly what I was looking for! Learned something new today! Going to use this for future testing!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
![Photo of [Deleted User]](https://us.v-cdn.net/6030959/uploads/defaultavatar/nE1RZK93BLG3K.jpg)
