A while ago, when I was doing the OSCP course, I learned about shellcodes and exploits. During this time, Metasploit’s online shellcode generator was really useful. When it came down to exam time, well, the site was down… No more automated tool, and this during my 24-hour exam. What did I do? A little Google search and presto, I found how to correctly use msfpayload + msfencode. All was well.
Since then, I’ve gone back to using the online tool. Bad idea. I say this because recently I’ve had to generate some shellcode for an exploit. Of course, the automated online tool was down. This forced me once again to re-learn the command line tool, which made me realize two things.
1: We rely way too much on automated tools
2: Laziness kicks in so very fast.
I mean, it isn’t that hard to use and remember. You just need to type it a few times to get the syntax burned into that gray matter of ours.
msfpayload windows/exec cmd=calc.exe R | msfencode -b '\x00\x0a\x2f\x5c' -e x86/shikata_ga_nai -t c
Here’s an example of using both msfpayload and msfencode.
The payload is windows/exec, the CMD is calc.exe, and R outputs the raw bytes. We pipe that raw output into msfencode.
The “-b” switch is the list of bad characters the encoded output must not contain, “-e” selects the encoder (in this case x86/shikata_ga_nai), and “-t c” outputs the result in C format.
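As an added example (not from the original post), here is a small Python checker that parses the -b bad-character list and the -t c output and reports any bad bytes that survived encoding, which is worth doing before the buffer goes into an exploit. The sample buffer is constructed for illustration and is not real shellcode; the same -b and -e switches (with -f c for output) apply to msfvenom, which later replaced msfpayload and msfencode.

```python
# Added example, not part of the original post or of Metasploit itself.
# Parses a msfencode-style bad-character list (the -b argument) and the
# "-t c" output format, then reports any bad bytes left in the buffer.
import re

HEX_ESCAPE = re.compile(r"\\x([0-9a-fA-F]{2})")


def parse_badchars(spec: str) -> set:
    """Turn the -b argument, e.g. '\\x00\\x0a\\x2f\\x5c', into a set of byte values."""
    return {int(h, 16) for h in HEX_ESCAPE.findall(spec)}


def parse_c_buffer(c_text: str) -> bytes:
    """Extract the bytes from '-t c' style output, where the buffer is one or
    more adjacent C string literals of \\xNN escapes."""
    return bytes(int(h, 16) for h in HEX_ESCAPE.findall(c_text))


def find_badchars(buf: bytes, bad: set) -> list:
    """Return (offset, byte) pairs for every bad byte present in buf."""
    return [(i, b) for i, b in enumerate(buf) if b in bad]


# Constructed sample, NOT real shellcode: a made-up buffer in the C format
# msfencode produces, deliberately containing 0x0a and 0x00 so the check fires.
SAMPLE_C = r'''
unsigned char buf[] =
"\xda\xc1\xb8\x0a\x41\x42"
"\x90\x90\x00\xc3";
'''
BADCHARS = r"\x00\x0a\x2f\x5c"  # same list as the -b argument above

if __name__ == "__main__":
    hits = find_badchars(parse_c_buffer(SAMPLE_C), parse_badchars(BADCHARS))
    for off, b in hits:
        print(f"bad byte 0x{b:02x} at offset {off}")
    print("clean" if not hits else f"{len(hits)} bad byte(s) found, re-encode")
```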
There are plenty of online resources that can show you how to use it. The same is true for every automated tool we are used to using.
Bottom line: if there is a command line tool and an automated front end for it, learn the command line first.
You never know when that automated one will be pulled off the air.