Type : Tips and Tricks
Level : Easy
Today's tips and tricks post is very easy to follow, because I just want to explain how to use msfpayload, the Metasploit command-line instance.
This tutorial covers generating shellcode with msfpayload, so you can learn how to generate shellcode for an exploit that is not currently in the Metasploit Framework library.
According to offensive-security.com, msfpayload is:
msfpayload is a command-line instance of Metasploit that is used to generate and output all of the various types of shellcode that are available in Metasploit
1. Metasploit framework
I performed the steps below on Backtrack 5 R2.
1. Open your terminal (CTRL + ALT + T)
2. Type msfpayload -h for help
3. To list the available payloads, use the msfpayload -l command (I snipped the picture below because the output is too long)
4. Let's say the payload I want to use is windows/shell_bind_tcp. The next step is to find out which switches you need to configure, so list the available switches by adding "O" to the command (see picture).
As you can see from the picture, the required switches are EXITFUNC (the default is process) and LPORT (the local port the shellcode listens on).
5. Now I want to set a value for the LPORT switch, so my command looks like this:
msfpayload windows/shell_bind_tcp LPORT=4321 O
6. If everything has been configured successfully, we can now generate the shellcode. There is an option to specify the output type (C, Perl, Raw, etc.); in this example I will use Perl to output the shellcode.
That's the shellcode, ready to use…
Hope it's useful 🙂