Meterpreter Staged Payloads #2

sanchious · 2023-07-12T19:55:29Z

sanchious
Jul 12, 2023

@lem0nSec Very interesting implementation. Thank you for the work you've done. Have you tried testing this with meterpreter staged payloads such as windows/x64/meterpreter/reverse_tcp or windows/x64/meterpreter/reverse_https?
I am having troubles getting a fully functioning meterpreter session - it dies.
ex:
**_msf6 exploit(multi/handler) > run

[] Started reverse TCP handler on 192.168.1.235:443
[] Sending stage (336 bytes) to 192.168.1.196
[-] Command shell session 3 is not valid and will be closed
[*] 192.168.1.196 - Command shell session 3 closed._**

Thanks in advance!

lem0nSec · 2023-07-13T08:00:11Z

lem0nSec
Jul 13, 2023
Maintainer

@sanchious Thank you for opening a discussion.
Staged payloads break the logic of this implementation since they allocate RWX memory.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Meterpreter Staged Payloads #2

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Select a reply

Uh oh!

Meterpreter Staged Payloads #2

Uh oh!

sanchious Jul 12, 2023

Replies: 1 comment

Uh oh!

Uh oh!

lem0nSec Jul 13, 2023 Maintainer

sanchious
Jul 12, 2023

lem0nSec
Jul 13, 2023
Maintainer