This is especially evident in x64 mettle payloads, but because the payloads include padding, the elf2bin payload blobs are a lot larger than they need to be. A 700k elf file becomes almost 3MB on the wire because we literally transfer all of the padding null bytes into the target memory image. This is a similar story with Python meterpreter where quite a bit is whitespace.
It would be nice if there were some simple compression/encoding that stagers could implement to transfer stages in a smaller way. Zlib might be too big, but even an RLE (Run Length Encoding) transfer would cut down on size substantially. If we're ok with a C-based stager, there are probably a lot more things we could try.
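To put a number on the RLE idea raised in the issue description, here is an added example (not Metasploit or mettle code) of a zero-run codec applied to a constructed, NUL-padded buffer. The record format, `MIN_RUN`, and the `max_out` limit are assumptions made for this illustration.

```python
import re
import struct

MIN_RUN = 16                  # assumption: shorter zero runs stay literal
ZERO, LITERAL = 0, 1          # record tags (format assumed for this example)
_HDR = struct.Struct("<BI")   # record header: tag byte + 32-bit LE length

def rle_encode(data: bytes) -> bytes:
    """Replace long runs of NUL bytes with a 5-byte run record."""
    out, pos = bytearray(), 0
    for m in re.finditer(rb"\x00{%d,}" % MIN_RUN, data):
        if m.start() > pos:
            out += _HDR.pack(LITERAL, m.start() - pos) + data[pos:m.start()]
        out += _HDR.pack(ZERO, m.end() - m.start())
        pos = m.end()
    if pos < len(data):
        out += _HDR.pack(LITERAL, len(data) - pos) + data[pos:]
    return bytes(out)

def rle_decode(blob: bytes, max_out: int = 64 << 20) -> bytes:
    """Expand records, rejecting truncated input and oversized output."""
    out, pos = bytearray(), 0
    while pos < len(blob):
        if len(blob) - pos < _HDR.size:
            raise ValueError("truncated record header")
        tag, n = _HDR.unpack_from(blob, pos)
        pos += _HDR.size
        if len(out) + n > max_out:
            raise ValueError("decoded size exceeds limit")
        if tag == ZERO:
            out += bytes(n)
        elif tag == LITERAL and len(blob) - pos >= n:
            out += blob[pos:pos + n]
            pos += n
        else:
            raise ValueError("bad tag or truncated literal")
    return bytes(out)

def sample_image() -> bytes:
    """Constructed input: non-zero segments, each NUL-padded to 64 KiB."""
    image = bytearray()
    for repeat in (40, 8, 2):
        image += bytes(range(1, 256)) * repeat
        image += bytes(-len(image) % 0x10000)
    return bytes(image)

if __name__ == "__main__":
    img = sample_image()
    enc = rle_encode(img)
    print(f"raw={len(img)} encoded={len(enc)} roundtrip={rle_decode(enc) == img}")
```

The decoder bounds its output and checks every length field, since a run-length record is an attacker-controllable size on any path where the encoded blob is not trusted.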
The stagers in the Python payloads are base64 encoded. Can we implement the same in the case of the stages, because base64 encoding is provided as a direct function in Python? @busterb @zeroSteiner