What is Metasploit EXITFUNC?

What is Metasploit EXITFUNC?


Type : Tips and Trick

This simple information might be useful for you who use metasploit framework :-).

You will find out this EXITFUNC switch when you create a payload from metasploit framework.

What is Metasploit EXITFUNC?

This EXITFUNC option effectively sets a function hash in the payload that specifies a DLL and function to call when the payload is complete.

There are 4 different values for EXITFUNC : none, seh, thread and process. Usually it is set to thread or process, which corresponds to the ExitThread or ExitProcess calls. "none" technique will calls GetLastError, effectively a no-op. The thread will then continue executing, allowing you to simply cat multiple payloads together to be run in serial.

EXITFUNC will be useful in some cases where after you exploited a box, you need a clean exit, even unfortunately the biggest problem is that many payloads don’t have a clean execution path after the exitfunc ๐Ÿ™‚ .

SEH This method should be used when there is a structured exception handler (SEH) that will restart the thread or process automatically when an error occurs.
THREAD This method is used in most exploitation scenarios where the exploited process (e.g. IE) runs the shellcode in a sub-thread and exiting this thread results in a working application/system (clean exit)
PROCESS This method should be used with multi/handler. This method should also be used with any exploit where a master process restarts it on exit.

Hope it useful ๐Ÿ™‚

Subscribe Now To Get The Latest Tips and Trick on Your E-Mail

Share this article if you found it was useful:

Blogger at hacking-tutorial.com.

See all posts by || Visit Website : http://www.vishnuvalentino.com