Hi Folks, today I wanna talk about payloads.
Do you remember how difficult it was to obtain a good payload to write your own shellcode?
I remember these very useful links (1),(2),(3). At the beginning it was mad: pointers, assembly, decompilers and tools to remove null bytes... Now everything is just EASY thanks to Metasploit (a link is useless, everybody knows where to get it).
So, let's generate a payload to embed in our source code.
- Select the payload that you like
- Configure it
- Generate the crafted payload
The picture above shows the configuration process, which basically means:
- show payloads
- set LHOST
Here it is! Easy! :D
Now, let's imagine you wanna encode your payload: generate -e is made for you. To show a list of available encoders, just type show encoders and then use the one you like best. Again, thanks to Metasploit, the complicated and time-consuming process of making payloads becomes easy and pretty intuitive. Good job!