Ethical Hacking and Penetration Testing Guide


Generating the ShellCode
A shellcode is nothing but a set of instructions that is loaded into memory for execution; it is written in assembly because assembly instructions correspond directly to the machine code that a computer system executes.
One thing to note is that a shellcode is OS dependent, which means that a shellcode written for Linux won't work on Windows and vice versa.
We can use msfvenom to generate a shellcode that would return a reverse shell to us; we will define the payload, followed by lhost, lport, and also, most importantly, the -b parameter, which excludes the bad characters that we found earlier.
We copy the payload, remove the white spaces and new lines, and then paste the payload where 
we placed \xcc before. This is what the final exploit would look like:


Next, we configure the multihandler to listen to connections on port 1337:
As soon as we execute this exploit code, we have a command shell on the victim’s machine:
Generating Metasploit Module
We can easily use mona to generate a Metasploit module for our exploit code. For this to work, 
we need to generate a pattern with mona and then use our skeleton to send the pattern to our 
program. To generate a pattern of 700 characters, use the following command:
!mona pc 700
Upon execution, the program would be paused inside the debugger, and then we run the following command to suggest a module:
Command:
!mona suggest -cpb "\x00\x0a\x0d"
Next, it will ask what type of exploit skeleton to build; since FTP runs on TCP, we would 
choose network client (tcp).


Next, it will ask for the port on which the FTP server is running; this value would be fed into lport, which we can change later.
Once you click “Ok”, it will automatically generate a Metasploit module for you; however, to 
make it work, you still need to make a few edits to the code. We can see that the code already has 
the bad characters \x00\x0a\x0d due to the cpb option we defined.
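
Why the -b and -cpb options above exclude \x00, \x0a and \x0d, as an added Python illustration that is not from the book: it models an assumed line-based FTP command reader followed by a strcpy-style copy and reports where a buffer containing those bytes is cut off. Both parsing stages and all function names are hypothetical, and the sample buffers are constructed filler bytes.

```python
# Added illustration: models why 0x00, 0x0a and 0x0d are "bad characters"
# for a line-based service such as FTP. The two parsing stages below are
# assumptions about a typical server, not code from the target program.

BAD_CHARS = b"\x00\x0a\x0d"  # the set passed to -b / -cpb on this page


def read_command_line(wire: bytes) -> bytes:
    """Stage 1 (assumed): the server reads one command, ending at CR or LF."""
    for i, b in enumerate(wire):
        if b in b"\r\n":
            return wire[:i]
    return wire


def c_string_copy(data: bytes) -> bytes:
    """Stage 2 (assumed): a strcpy-style copy stops at the first NUL byte."""
    end = data.find(b"\x00")
    return data if end == -1 else data[:end]


def bytes_reaching_memory(wire: bytes) -> bytes:
    # Whatever survives both stages is all that lands in the target buffer.
    return c_string_copy(read_command_line(wire))


def find_bad_chars(buf: bytes, bad: bytes = BAD_CHARS):
    """Return (offset, byte) for every excluded byte present in buf."""
    return [(i, b) for i, b in enumerate(buf) if b in bad]


def truncation_report(buf: bytes) -> dict:
    """Compare what was sent with what the modelled parser keeps."""
    survived = bytes_reaching_memory(buf)
    hits = find_bad_chars(buf)
    return {
        "sent": len(buf),
        "survived": len(survived),
        "first_bad": hits[0] if hits else None,
        "intact": survived == buf,
    }


if __name__ == "__main__":
    # Constructed filler bytes, not a payload.
    for buf in (b"A" * 20, b"A" * 10 + b"\x00" + b"B" * 10, b"A" * 4 + b"\r\n" + b"B" * 10):
        print(truncation_report(buf))
```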
