Designing and Implementing a Universal Meterpreter Payload - Brent Cook NolaCon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Designing and Implementing a Universal Meterpreter Payload
Brent Cook
@busterbcook

While Windows has always been well supported with Metasploit's Meterpreter payload, other platforms have not historically had similarly sophisticated options available. Metasploit has four alternative Meterpreter implementations, targeting Android, Java, Python and PHP, but these also are not always usable, since they target a particular software platform as well. This is especially a problem with embedded devices, where one must fall back to a simple unencrypted TCP shell. While this is fine for research purposes, it is not optimal for practical exploitation or red-teaming, where an offensive security professional would prefer to maintain as high operational safety and integrity as possible. In this talk, I will explore the process of designing and developing a new cross-OS and cross-platform Meterpreter payload for Metasploit. It uses very few resources, making it suitable for targets from routers to phones to mainframes. At the same time, it offers more functionality, confidentiality, and security than a reverse shell. It is fully relocatable and self-contained, making it reusable in many contexts. I will also demonstrate the payload using diverse C2 transports to evade detection, and its target flexibility, running on an S390 mainframe, an iPhone, and a SOHO consumer router.

Brent Cook is the Engineering Manager for Metasploit at Rapid7, as well as one of the core Meterpreter payload developers. He is also a contributor to the LibreSSL and OpenNTP projects, maintaining the portable versions for several operating systems. Brent has over 15 years of experience as a software and firmware developer, having developed high-performance networking and embedded software at Applied Materials, BreakingPoint, Calxeda, and Ixia.

Recorded at NolaCon 2017

Copyright 2016, IronGeek