SH1NU11b1

mpc

Aug 17th, 2015

root@kali:~# mpc
[*] Msfvenom Payload Creator (MPC v1.3.2)

[i] Missing type

[i] /usr/bin/mpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
[i] Example: /usr/bin/mpc windows 192.168.1.10 # Windows & manual IP.
[i] /usr/bin/mpc elf bind eth0 4444 # Linux, eth0's IP & manual port.
[i] /usr/bin/mpc stageless cmd py https # Python, stageless command prompt.
[i] /usr/bin/mpc verbose loop eth1 # A payload for every type, using eth1's IP.
[i] /usr/bin/mpc msf batch wan # All possible Meterpreter payloads, using WAN IP.
[i] /usr/bin/mpc help verbose # Help screen, with even more information.

[i] <TYPE>:
[i] + ASP
[i] + ASPX
[i] + Bash [.sh]
[i] + Java [.jsp]
[i] + Linux [.elf]
[i] + OSX [.macho]
[i] + Perl [.pl]
[i] + PHP
[i] + Powershell [.ps1]
[i] + Python [.py]
[i] + Tomcat [.war]
[i] + Windows [.exe]

[i] Rather than putting <DOMAIN/IP>, you can do a interface and MPC will detect that IP address.
[i] Missing <DOMAIN/IP> will default to the IP menu.

[i] Missing <PORT> will default to 443.

[i] <CMD> is a standard/native command prompt/terminal to interactive with.
[i] <MSF> is a custom cross platform Meterpreter shell, gaining the full power of Metasploit.
[i] Missing <CMD/MSF> will default to <MSF> where possible.

[i] <BIND> opens a port on the target side, and the attacker connects to them. Commonly blocked with ingress firewalls rules on the target.
[i] <REVERSE> makes the target connect back to the attacker. The attacker needs an open port. Blocked with engress firewalls rules on the target.
[i] Missing <BIND/REVERSE> will default to <REVERSE>.

[i] <STAGED> splits the payload into parts, making it smaller but dependent on Metasploit.
[i] <STAGELESS> is the complete standalone payload. More 'stable' than <STAGED>.
[i] Missing <STAGED/STAGELESS> will default to <STAGED> where possible.

[i] <TCP> is the standard method to connecting back. This is the most compatible with TYPES as its RAW. Can be easily detected on IDSs.
[i] <HTTP> makes the communication appear to be HTTP traffic (unencrypted). Helpful for packet inspection, which limit port access on protocol - e.g. TCP 80.
[i] <HTTPS> makes the communication appear to be (encrypted) HTTP traffic using as SSL. Helpful for packet inspection, which limit port access on protocol - e.g. TCP 443.
[i] <FIND_PORT> will attempt every port on the target machine, to find a way out. Useful with stick ingress/engress firewall rules. Will switch to 'allports' based on <TYPE>.
[i] Missing <TCP/HTTP/HTTPS/FIND_PORT> will default to <TCP>.

[i] <BATCH> will generate as many combinations as possible: <TYPE>, <CMD + MSF>, <BIND + REVERSE>, <STAGED + STAGLESS> & <TCP + HTTP + HTTPS + FIND_PORT>
[i] <LOOP> will just create one of each <TYPE>.

[i] <VERBOSE> will display more information.
root@kali:~#