Hi, As of r3768 UPX is not part of sqlmap anymore and the --os-pwn switch has been slightly revamped. As per commit message:
""" [...] Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: * It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime. * shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product. * shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX). * UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software. [...] """ Cheers, Bernardo On 21 April 2011 12:00, Miroslav Stampar <miroslav.stam...@gmail.com> wrote: > hi all. > > just to inform you that --os-pwn was down for last couple of days due > to a bug (if run on non-Windows platforms) with packing of payloads as > a result of our anti-virus avoiding maneuverers (UPX is falsely flaged > as virus by 10% of antivirus software, and it's quite annoying that > for example Avast triggers on official 0.9 release because of UPX). > > now everything should be back on tracks. > > kr > > -- > Miroslav Stampar > > E-mail: miroslav.stampar (at) gmail.com > PGP Key ID: 0xB5397B1B -- Bernardo Damele A. G. E-mail / Jabber: bernardo.damele (at) gmail.com Mobile: +447788962949 (UK 07788962949) PGP Key ID: 0x05F5A30F ------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails _______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
