Windows Inject PE Files, Reverse All-Port TCP Stager

2009-09-25T05:44:50
ID MSF:PAYLOAD/WINDOWS/PEINJECT/REVERSE_TCP_ALLPORTS/
Type metasploit
Reporter Rapid7
Modified 2020-12-07T10:31:45

Description

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains relocation data and a valid (uncorrupted) import table. PE files with CLR(C#/.NET executables), bounded imports, and TLS callbacks are not currently supported. Also PE files which use resource loading might crash. . Try to connect back to the attacker, on all possible ports (1-65535, slowly)

                                        
                                            <!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8" />
	<meta content="" name="csrf-token" />
	<meta content="width=device-width, initial-scale=1" name="viewport" />
	<title>Lightspeed System - Web Access</title>
	<link rel="stylesheet" href="/css/access/access.css" type="text/css" />
	<link rel="icon" href="/images/favicon.ico" type="image/x-icon" />
</head>

<script type='text/javascript'>
	window.onload = function(){
		var form = document.getElementById("login_form");
		document.getElementById("submit_link").addEventListener("click", function(){
			form.submit();
		});
	};

	function enter_submit(e) {
		if (e && e.keyCode == 13) {
			var form = document.getElementById("login_form");
			form.submit();
		}
	}
</script>

<body>
	<div class="page-icon">
		<div class="page-icon--img page-icon--imgAccess">
		</div>
	</div>

	

	<div class="strip"><h1>Captive Portal</h1>
	</div>

	<div>
		<p class="text--blueGray">Please login to browse the internet.</p>
	</div>

	

	<div class="override">
		<form id="login_form" class="form" action="/access/portal" method="post">
			<span onkeyup="enter_submit(event);">
				<select name="auth_source_id"><option value="3">AD</option><option value="1">local users</option></select>
				<input type="hidden" name="id" value="45YVTDUESKJV4TJ4K64CM3WA0TCM2IJ5" />
				<input type="text" name="username" placeholder="Username" />
				<input type="password" name="password" placeholder="Password" />
			</span>
			<a id="submit_link" class="button button--blue" href="#">Login</a>
			<br/><br/>

			

			<div class="signinForm-options l-flex l-flex--vAlignBaseline">
				<div class="l-flex-item--allotWidth">
					<section class="signinSSOButtons signinSSOButtons--noAnimation">
						
					</section>
				</div>
			</div>
		</form>
	</div>

	
</body>
</html>