lmao the living hell persists buit so do i :sweetdreams:
This commit is contained in:
@@ -0,0 +1,104 @@
|
||||
|
||||
Name: TFTP Fetch
|
||||
Module: payload/cmd/linux/tftp/mipsle/meterpreter_reverse_http
|
||||
Platform: Linux
|
||||
Arch: cmd
|
||||
Needs Admin: No
|
||||
Total size: 114
|
||||
Rank: Normal
|
||||
|
||||
Provided by:
|
||||
|
||||
Evasion options for payload/cmd/linux/tftp/mipsle/meterpreter_reverse_http:
|
||||
=========================
|
||||
|
||||
ok@rapid7.com>
|
||||
timwr
|
||||
|
||||
Basic options:
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILELESS none yes Attempt to run payload without touching disk by using anonymous handles, requires Linux ≥3.17 (for Python variant also Python ≥3.8 (Accepted: none, bash, python3.8+)
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVONCE true yes Stop serving the payload after it is retrieved
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
LHOST yes The local listener hostname
|
||||
LPORT 8080 yes The local listener port
|
||||
LURI no The HTTP Path
|
||||
|
||||
|
||||
When FETCH_COMMAND is one of CURL,WGET:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_PIPE false yes Host both the binary payload and the command so it can be piped directly to the shell.
|
||||
|
||||
|
||||
When FETCH_FILELESS is none:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_FILENAME FugHyIMduJtv no Name to use on remote system when storing payload; cannot contain spaces or slashes
|
||||
FETCH_WRITABLE_DIR ./ yes Remote writable dir to store payload; cannot contain spaces
|
||||
|
||||
Description:
|
||||
Fetch and execute an MIPSLE payload from a TFTP server.
|
||||
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
AutoLoadStdapi true yes Automatically load the Stdapi extension
|
||||
AutoRunScript no A script to run automatically on session creation.
|
||||
AutoSystemInfo true yes Automatically capture system information on initialization.
|
||||
AutoUnhookProcess false yes Automatically load the unhook extension and unhook the process
|
||||
AutoVerifySessionTimeout 30 no Timeout period to wait for session validation to occur, in seconds
|
||||
EXE::Custom no Use custom exe instead of automatically generating a payload exe
|
||||
EXE::EICAR false no Generate an EICAR file instead of regular payload exe
|
||||
EXE::FallBack false no Use the default template in case the specified one is missing
|
||||
EXE::Inject false no Set to preserve the original EXE function
|
||||
EXE::OldMethod false no Set to use the substitution EXE generation method.
|
||||
EXE::Path no The directory in which to look for the executable template
|
||||
EXE::Template no The executable template file name.
|
||||
EnableUnicodeEncoding false yes Automatically encode UTF-8 strings as hexadecimal
|
||||
FetchHandlerDisable false yes Disable fetch handler
|
||||
FetchListenerBindAddress no The specific IP address to bind to to serve the payload if different from FETCH_SRVHOST
|
||||
FetchListenerBindPort no The port to bind to if different from FETCH_SRVPORT
|
||||
HandlerSSLCert no Path to a SSL certificate in unified PEM format, ignored for HTTP transports
|
||||
HttpServerName Apache no The server header that the handler will send in response to requests
|
||||
HttpUnknownRequestResponse <html><body><h1>It works!</h1></body></html> no The returned HTML response body when the handler receives a request that is not from a payload
|
||||
HttpUserAgent Mozilla/5.0 (iPad; CPU OS 17_7_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1 no The user-agent that the payload should use for communication Max parameter length: 255 characters
|
||||
IgnoreUnknownPayloads false no Whether to drop connections from payloads using unknown UUIDs
|
||||
InitialAutoRunScript no An initial script to run on session creation (before AutoRunScript)
|
||||
MSI::Custom no Use custom msi instead of automatically generating a payload msi
|
||||
MSI::EICAR false no Generate an EICAR file instead of regular payload msi
|
||||
MSI::Path no The directory in which to look for the msi template
|
||||
MSI::Template no The msi template file name
|
||||
MSI::UAC false no Create an MSI with a UAC prompt (elevation to SYSTEM if accepted)
|
||||
MeterpreterDebugBuild false no Use a debug version of Meterpreter
|
||||
MeterpreterDebugLogging no The Meterpreter debug logging configuration, see https://docs.metasploit.com/docs/using-metasploit/advanced/meterpreter/meterpreter-debugging-meterpreter-sessions.html
|
||||
MeterpreterTryToFork false no Fork a new process if the functionality is available
|
||||
OverrideLHOST no When OverrideRequestHost is set, use this value as the host name for secondary requests
|
||||
OverrideLPORT no When OverrideRequestHost is set, use this value as the port number for secondary requests
|
||||
OverrideRequestHost false no Forces a specific host and port instead of using what the client requests, defaults to LHOST:LPORT
|
||||
OverrideScheme no When OverrideRequestHost is set, use this value as the scheme for secondary requests, e.g http or https
|
||||
PayloadProcessCommandLine no The displayed command line that will be used by the payload
|
||||
PayloadUUIDName no A human-friendly name to reference this unique payload (requires tracking)
|
||||
PayloadUUIDRaw no A hex string representing the raw 8-byte PUID value for the UUID
|
||||
PayloadUUIDSeed no A string to use when generating the payload UUID (deterministic)
|
||||
PayloadUUIDTracking false yes Whether or not to automatically register generated UUIDs
|
||||
PingbackRetries 0 yes How many additional successful pingbacks
|
||||
PingbackSleep 30 yes Time (in seconds) to sleep between pingbacks
|
||||
ReverseAllowProxy false yes Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
|
||||
ReverseListenerBindAddress no The specific IP address to bind to on the local system
|
||||
ReverseListenerBindPort no The port to bind to on the local system if different from LPORT
|
||||
ReverseListenerComm no The specific communication channel to use for this listener
|
||||
SessionCommunicationTimeout 300 no The number of seconds of no activity before this session should be killed
|
||||
SessionExpirationTimeout 604800 no The number of seconds before this session should be forcibly shut down
|
||||
SessionRetryTotal 3600 no Number of seconds try reconnecting for on network failure
|
||||
SessionRetryWait 10 no Number of seconds to wait between reconnect attempts
|
||||
VERBOSE false no Enable detailed status messages
|
||||
WORKSPACE no Specify the workspace for this module
|
||||
|
||||
Reference in New Issue
Block a user