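Without further ado, straight to the practical content!
Previous post
Kali Linux 2016.2 (Rolling): the Exploits module in detail
The payloads module, that is, shellcode, is what gets done after a vulnerability has been exploited successfully. MSF provides a large number of practical payloads.
After we run the show payloads command, three columns are displayed: Exploit name, rank, and description.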
root@kali:~# msfconsole

Metasploit Park, System Security Interface
Version 4.0.5, Alpha E
Ready...
> access security
access: PERMISSION DENIED.
> access security grid
access: PERMISSION DENIED.
> access main security grid
access: PERMISSION DENIED....and...
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!

Taking notes in notepad? Have Metasploit Pro track & report
your progress and findings -- learn more on http://rapid7.com/metasploit

       =[ metasploit v4.12.41-dev ]
+ -- --=[ 1597 exploits - 912 auxiliary - 274 post ]
+ -- --=[ 458 payloads - 39 encoders - 8 nops ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

msf > show payloads

Payloads
========

Name  Disclosure Date  Rank  Description
----  ---------------  ----  -----------
aix/ppc/shell_bind_tcp  normal  AIX Command Shell, Bind TCP Inline
aix/ppc/shell_find_port  normal  AIX Command Shell, Find Port Inline
aix/ppc/shell_interact  normal  AIX execve Shell for inetd
aix/ppc/shell_reverse_tcp  normal  AIX Command Shell, Reverse TCP Inline
android/meterpreter/reverse_http  normal  Android Meterpreter, Android Reverse HTTP Stager
android/meterpreter/reverse_https  normal  Android Meterpreter, Android Reverse HTTPS Stager
android/meterpreter/reverse_tcp  normal  Android Meterpreter, Android Reverse TCP Stager
android/meterpreter_reverse_http  normal  Android Meterpreter Shell, Reverse HTTP Inline
android/meterpreter_reverse_tcp  normal  Android Meterpreter Shell, Reverse TCP Inline
android/shell/reverse_http  normal  Command Shell, Android Reverse HTTP Stager
android/shell/reverse_https  normal  Command Shell, Android Reverse HTTPS Stager
android/shell/reverse_tcp  normal  Command Shell, Android Reverse TCP Stager
bsd/sparc/shell_bind_tcp  normal  BSD Command Shell, Bind TCP Inline
bsd/sparc/shell_reverse_tcp  normal  BSD Command Shell, Reverse TCP Inline
bsd/x64/exec  normal  BSD x64 Execute Command
bsd/x64/shell_bind_ipv6_tcp  normal  BSD x64 Command Shell, Bind TCP Inline (IPv6)
bsd/x64/shell_bind_tcp  normal  BSD x64 Shell Bind TCP
bsd/x64/shell_bind_tcp_small  normal  BSD x64 Command Shell, Bind TCP Inline
bsd/x64/shell_reverse_ipv6_tcp  normal  BSD x64 Command Shell, Reverse TCP Inline (IPv6)
bsd/x64/shell_reverse_tcp  normal  BSD x64 Shell Reverse TCP
bsd/x64/shell_reverse_tcp_small  normal  BSD x64 Command Shell, Reverse TCP Inline
bsd/x86/exec  normal  BSD Execute Command
bsd/x86/metsvc_bind_tcp  normal  FreeBSD Meterpreter Service, Bind TCP
bsd/x86/metsvc_reverse_tcp  normal  FreeBSD Meterpreter Service, Reverse TCP Inline
bsd/x86/shell/bind_ipv6_tcp  normal  BSD Command Shell, Bind TCP Stager (IPv6)
bsd/x86/shell/bind_tcp  normal  BSD Command Shell, Bind TCP Stager
bsd/x86/shell/find_tag  normal  BSD Command Shell, Find Tag Stager
bsd/x86/shell/reverse_ipv6_tcp  normal  BSD Command Shell, Reverse TCP Stager (IPv6)
bsd/x86/shell/reverse_tcp  normal  BSD Command Shell, Reverse TCP Stager
bsd/x86/shell_bind_tcp  normal  BSD Command Shell, Bind TCP Inline
bsd/x86/shell_bind_tcp_ipv6  normal  BSD Command Shell, Bind TCP Inline (IPv6)
bsd/x86/shell_find_port  normal  BSD Command Shell, Find Port Inline
bsd/x86/shell_find_tag  normal  BSD Command Shell, Find Tag Inline
bsd/x86/shell_reverse_tcp  normal  BSD Command Shell, Reverse TCP Inline
bsd/x86/shell_reverse_tcp_ipv6  normal  BSD Command Shell, Reverse TCP Inline (IPv6)
bsdi/x86/shell/bind_tcp  normal  BSDi Command Shell, Bind TCP Stager
bsdi/x86/shell/reverse_tcp  normal  BSDi Command Shell, Reverse TCP Stager
bsdi/x86/shell_bind_tcp  normal  BSDi Command Shell, Bind TCP Inline
bsdi/x86/shell_find_port  normal  BSDi Command Shell, Find Port Inline
bsdi/x86/shell_reverse_tcp  normal  BSDi Command Shell, Reverse TCP Inline
cmd/mainframe/generic_jcl  normal  Generic JCL Test for Mainframe Exploits
cmd/mainframe/reverse_shell_jcl  normal  Z/OS (MVS) Command Shell, Reverse TCP
cmd/unix/bind_awk  normal  Unix Command Shell, Bind TCP (via AWK)
cmd/unix/bind_inetd  normal  Unix Command Shell, Bind TCP (inetd)
cmd/unix/bind_lua  normal  Unix Command Shell, Bind TCP (via Lua)
cmd/unix/bind_netcat  normal  Unix Command Shell, Bind TCP (via netcat)
cmd/unix/bind_netcat_gaping  normal  Unix Command Shell, Bind TCP (via netcat -e)
cmd/unix/bind_netcat_gaping_ipv6  normal  Unix Command Shell, Bind TCP (via netcat -e) IPv6
cmd/unix/bind_nodejs  normal  Unix Command Shell, Bind TCP (via nodejs)
cmd/unix/bind_perl  normal  Unix Command Shell, Bind TCP (via Perl)
cmd/unix/bind_perl_ipv6  normal  Unix Command Shell, Bind TCP (via perl) IPv6
cmd/unix/bind_ruby  normal  Unix Command Shell, Bind TCP (via Ruby)
cmd/unix/bind_ruby_ipv6  normal  Unix Command Shell, Bind TCP (via Ruby) IPv6
cmd/unix/bind_zsh  normal  Unix Command Shell, Bind TCP (via Zsh)
cmd/unix/generic  normal  Unix Command, Generic Command Execution
cmd/unix/interact  normal  Unix Command, Interact with Established Connection
cmd/unix/reverse  normal  Unix Command Shell, Double Reverse TCP (telnet)
cmd/unix/reverse_awk  normal  Unix Command Shell, Reverse TCP (via AWK)
cmd/unix/reverse_bash  normal  Unix Command Shell, Reverse TCP (/dev/tcp)
cmd/unix/reverse_bash_telnet_ssl  normal  Unix Command Shell, Reverse TCP SSL (telnet)
cmd/unix/reverse_lua  normal  Unix Command Shell, Reverse TCP (via Lua)
cmd/unix/reverse_netcat  normal  Unix Command Shell, Reverse TCP (via netcat)
cmd/unix/reverse_netcat_gaping  normal  Unix Command Shell, Reverse TCP (via netcat -e)
cmd/unix/reverse_nodejs  normal  Unix Command Shell, Reverse TCP (via nodejs)
cmd/unix/reverse_openssl  normal  Unix Command Shell, Double Reverse TCP SSL (openssl)
cmd/unix/reverse_perl  normal  Unix Command Shell, Reverse TCP (via Perl)
cmd/unix/reverse_perl_ssl  normal  Unix Command Shell, Reverse TCP SSL (via perl)
cmd/unix/reverse_php_ssl  normal  Unix Command Shell, Reverse TCP SSL (via php)
cmd/unix/reverse_python  normal  Unix Command Shell, Reverse TCP (via Python)
cmd/unix/reverse_python_ssl  normal  Unix Command Shell, Reverse TCP SSL (via python)
cmd/unix/reverse_ruby  normal  Unix Command Shell, Reverse TCP (via Ruby)
cmd/unix/reverse_ruby_ssl  normal  Unix Command Shell, Reverse TCP SSL (via Ruby)
cmd/unix/reverse_ssl_double_telnet  normal  Unix Command Shell, Double Reverse TCP SSL (telnet)
cmd/unix/reverse_zsh  normal  Unix Command Shell, Reverse TCP (via Zsh)
cmd/windows/adduser  normal  Windows Execute net user /ADD CMD
cmd/windows/bind_lua  normal  Windows Command Shell, Bind TCP (via Lua)
cmd/windows/bind_perl  normal  Windows Command Shell, Bind TCP (via Perl)
cmd/windows/bind_perl_ipv6  normal  Windows Command Shell, Bind TCP (via perl) IPv6
cmd/windows/bind_ruby  normal  Windows Command Shell, Bind TCP (via Ruby)
cmd/windows/download_eval_vbs  normal  Windows Executable Download and Evaluate VBS
cmd/windows/download_exec_vbs  normal  Windows Executable Download and Execute (via .vbs)
cmd/windows/generic  normal  Windows Command, Generic Command Execution
cmd/windows/powershell_bind_tcp  normal  Windows Interactive Powershell Session, Bind TCP
cmd/windows/powershell_reverse_tcp  normal  Windows Interactive Powershell Session, Reverse TCP
cmd/windows/reverse_lua  normal  Windows Command Shell, Reverse TCP (via Lua)
cmd/windows/reverse_perl  normal  Windows Command, Double Reverse TCP Connection (via Perl)
cmd/windows/reverse_powershell  normal  Windows Command Shell, Reverse TCP (via Powershell)
cmd/windows/reverse_ruby  normal  Windows Command Shell, Reverse TCP (via Ruby)
firefox/exec  normal  Firefox XPCOM Execute Command
firefox/shell_bind_tcp  normal  Command Shell, Bind TCP (via Firefox XPCOM script)
firefox/shell_reverse_tcp  normal  Command Shell, Reverse TCP (via Firefox XPCOM script)
generic/custom  normal  Custom Payload
generic/debug_trap  normal  Generic x86 Debug Trap
generic/shell_bind_tcp  normal  Generic Command Shell, Bind TCP Inline
generic/shell_reverse_tcp  normal  Generic Command Shell, Reverse TCP Inline
generic/tight_loop  normal  Generic x86 Tight Loop
java/jsp_shell_bind_tcp  normal  Java JSP Command Shell, Bind TCP Inline
java/jsp_shell_reverse_tcp  normal  Java JSP Command Shell, Reverse TCP Inline
java/meterpreter/bind_tcp  normal  Java Meterpreter, Java Bind TCP Stager
java/meterpreter/reverse_http  normal  Java Meterpreter, Java Reverse HTTP Stager
java/meterpreter/reverse_https  normal  Java Meterpreter, Java Reverse HTTPS Stager
java/meterpreter/reverse_tcp  normal  Java Meterpreter, Java Reverse TCP Stager
java/shell/bind_tcp  normal  Command Shell, Java Bind TCP Stager
java/shell/reverse_tcp  normal  Command Shell, Java Reverse TCP Stager
java/shell_reverse_tcp  normal  Java Command Shell, Reverse TCP Inline
linux/armbe/shell_bind_tcp  normal  Linux ARM Big Endian Command Shell, Bind TCP Inline
linux/armle/adduser  normal  Linux Add User
linux/armle/exec  normal  Linux Execute Command
linux/armle/mettle/bind_tcp  normal  Linux Meterpreter, Bind TCP Stager
linux/armle/mettle/reverse_tcp  normal  Linux Meterpreter, Reverse TCP Stager
linux/armle/shell/bind_tcp  normal  Linux dup2 Command Shell, Bind TCP Stager
linux/armle/shell/reverse_tcp  normal  Linux dup2 Command Shell, Reverse TCP Stager
linux/armle/shell_bind_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/armle/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/mipsbe/exec  normal  Linux Execute Command
linux/mipsbe/mettle/reverse_tcp  normal  Linux Meterpreter, Reverse TCP Stager
linux/mipsbe/reboot  normal  Linux Reboot
linux/mipsbe/shell/reverse_tcp  normal  Linux Command Shell, Reverse TCP Stager
linux/mipsbe/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/mipsbe/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/mipsle/exec  normal  Linux Execute Command
linux/mipsle/mettle/reverse_tcp  normal  Linux Meterpreter, Reverse TCP Stager
linux/mipsle/reboot  normal  Linux Reboot
linux/mipsle/shell/reverse_tcp  normal  Linux Command Shell, Reverse TCP Stager
linux/mipsle/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/mipsle/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/ppc/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/ppc/shell_find_port  normal  Linux Command Shell, Find Port Inline
linux/ppc/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/ppc64/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/ppc64/shell_find_port  normal  Linux Command Shell, Find Port Inline
linux/ppc64/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/x64/exec  normal  Linux Execute Command
linux/x64/mettle/bind_tcp  normal  Linux Mettle x64, Bind TCP Stager
linux/x64/mettle/reverse_tcp  normal  Linux Mettle x64, Reverse TCP Stager
linux/x64/shell/bind_tcp  normal  Linux Command Shell, Bind TCP Stager
linux/x64/shell/reverse_tcp  normal  Linux Command Shell, Reverse TCP Stager
linux/x64/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/x64/shell_bind_tcp_random_port  normal  Linux Command Shell, Bind TCP Random Port Inline
linux/x64/shell_find_port  normal  Linux Command Shell, Find Port Inline
linux/x64/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
linux/x86/adduser  normal  Linux Add User
linux/x86/chmod  normal  Linux Chmod
linux/x86/exec  normal  Linux Execute Command
linux/x86/meterpreter/bind_ipv6_tcp  normal  Linux Meterpreter, Bind IPv6 TCP Stager (Linux x86)
linux/x86/meterpreter/bind_ipv6_tcp_uuid  normal  Linux Meterpreter, Bind IPv6 TCP Stager with UUID Support (Linux x86)
linux/x86/meterpreter/bind_nonx_tcp  normal  Linux Meterpreter, Bind TCP Stager
linux/x86/meterpreter/bind_tcp  normal  Linux Meterpreter, Bind TCP Stager (Linux x86)
linux/x86/meterpreter/bind_tcp_uuid  normal  Linux Meterpreter, Bind TCP Stager with UUID Support (Linux x86)
linux/x86/meterpreter/find_tag  normal  Linux Meterpreter, Find Tag Stager
linux/x86/meterpreter/reverse_ipv6_tcp  normal  Linux Meterpreter, Reverse TCP Stager (IPv6)
linux/x86/meterpreter/reverse_nonx_tcp  normal  Linux Meterpreter, Reverse TCP Stager
linux/x86/meterpreter/reverse_tcp  normal  Linux Meterpreter, Reverse TCP Stager
linux/x86/meterpreter/reverse_tcp_uuid  normal  Linux Meterpreter, Reverse TCP Stager
linux/x86/metsvc_bind_tcp  normal  Linux Meterpreter Service, Bind TCP
linux/x86/metsvc_reverse_tcp  normal  Linux Meterpreter Service, Reverse TCP Inline
linux/x86/mettle/bind_ipv6_tcp  normal  Linux Mettle x86, Bind IPv6 TCP Stager (Linux x86)
linux/x86/mettle/bind_ipv6_tcp_uuid  normal  Linux Mettle x86, Bind IPv6 TCP Stager with UUID Support (Linux x86)
linux/x86/mettle/bind_nonx_tcp  normal  Linux Mettle x86, Bind TCP Stager
linux/x86/mettle/bind_tcp  normal  Linux Mettle x86, Bind TCP Stager (Linux x86)
linux/x86/mettle/bind_tcp_uuid  normal  Linux Mettle x86, Bind TCP Stager with UUID Support (Linux x86)
linux/x86/mettle/find_tag  normal  Linux Mettle x86, Find Tag Stager
linux/x86/mettle/reverse_ipv6_tcp  normal  Linux Mettle x86, Reverse TCP Stager (IPv6)
linux/x86/mettle/reverse_nonx_tcp  normal  Linux Mettle x86, Reverse TCP Stager
linux/x86/mettle/reverse_tcp  normal  Linux Mettle x86, Reverse TCP Stager
linux/x86/mettle/reverse_tcp_uuid  normal  Linux Mettle x86, Reverse TCP Stager
linux/x86/read_file  normal  Linux Read File
linux/x86/shell/bind_ipv6_tcp  normal  Linux Command Shell, Bind IPv6 TCP Stager (Linux x86)
linux/x86/shell/bind_ipv6_tcp_uuid  normal  Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86)
linux/x86/shell/bind_nonx_tcp  normal  Linux Command Shell, Bind TCP Stager
linux/x86/shell/bind_tcp  normal  Linux Command Shell, Bind TCP Stager (Linux x86)
linux/x86/shell/bind_tcp_uuid  normal  Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86)
linux/x86/shell/find_tag  normal  Linux Command Shell, Find Tag Stager
linux/x86/shell/reverse_ipv6_tcp  normal  Linux Command Shell, Reverse TCP Stager (IPv6)
linux/x86/shell/reverse_nonx_tcp  normal  Linux Command Shell, Reverse TCP Stager
linux/x86/shell/reverse_tcp  normal  Linux Command Shell, Reverse TCP Stager
linux/x86/shell/reverse_tcp_uuid  normal  Linux Command Shell, Reverse TCP Stager
linux/x86/shell_bind_ipv6_tcp  normal  Linux Command Shell, Bind TCP Inline (IPv6)
linux/x86/shell_bind_tcp  normal  Linux Command Shell, Bind TCP Inline
linux/x86/shell_bind_tcp_random_port  normal  Linux Command Shell, Bind TCP Random Port Inline
linux/x86/shell_find_port  normal  Linux Command Shell, Find Port Inline
linux/x86/shell_find_tag  normal  Linux Command Shell, Find Tag Inline
linux/x86/shell_reverse_tcp  normal  Linux Command Shell, Reverse TCP Inline
mainframe/shell_reverse_tcp  normal  Z/OS (MVS) Command Shell, Reverse TCP Inline
netware/shell/reverse_tcp  normal  NetWare Command Shell, Reverse TCP Stager
nodejs/shell_bind_tcp  normal  Command Shell, Bind TCP (via nodejs)
nodejs/shell_reverse_tcp  normal  Command Shell, Reverse TCP (via nodejs)
nodejs/shell_reverse_tcp_ssl  normal  Command Shell, Reverse TCP SSL (via nodejs)
osx/armle/execute/bind_tcp  normal  OS X Write and Execute Binary, Bind TCP Stager
osx/armle/execute/reverse_tcp  normal  OS X Write and Execute Binary, Reverse TCP Stager
osx/armle/shell/bind_tcp  normal  OS X Command Shell, Bind TCP Stager
osx/armle/shell/reverse_tcp  normal  OS X Command Shell, Reverse TCP Stager
osx/armle/shell_bind_tcp  normal  Apple iOS Command Shell, Bind TCP Inline
osx/armle/shell_reverse_tcp  normal  Apple iOS Command Shell, Reverse TCP Inline
osx/armle/vibrate  normal  Apple iOS iPhone Vibrate
osx/ppc/shell/bind_tcp  normal  OS X Command Shell, Bind TCP Stager
osx/ppc/shell/find_tag  normal  OS X Command Shell, Find Tag Stager
osx/ppc/shell/reverse_tcp  normal  OS X Command Shell, Reverse TCP Stager
osx/ppc/shell_bind_tcp  normal  OS X Command Shell, Bind TCP Inline
osx/ppc/shell_reverse_tcp  normal  OS X Command Shell, Reverse TCP Inline
osx/x64/dupandexecve/bind_tcp  normal  OS X dup2 Command Shell, Bind TCP Stager
osx/x64/dupandexecve/reverse_tcp  normal  OS X dup2 Command Shell, Reverse TCP Stager
osx/x64/exec  normal  OS X x64 Execute Command
osx/x64/say  normal  OS X x64 say Shellcode
osx/x64/shell_bind_tcp  normal  OS X x64 Shell Bind TCP
osx/x64/shell_find_tag  normal  OSX Command Shell, Find Tag Inline
osx/x64/shell_reverse_tcp  normal  OS X x64 Shell Reverse TCP
osx/x86/bundleinject/bind_tcp  normal  Mac OS X Inject Mach-O Bundle, Bind TCP Stager
osx/x86/bundleinject/reverse_tcp  normal  Mac OS X Inject Mach-O Bundle, Reverse TCP Stager
osx/x86/exec  normal  OS X Execute Command
osx/x86/isight/bind_tcp  normal  Mac OS X x86 iSight Photo Capture, Bind TCP Stager
osx/x86/isight/reverse_tcp  normal  Mac OS X x86 iSight Photo Capture, Reverse TCP Stager
osx/x86/shell_bind_tcp  normal  OS X Command Shell, Bind TCP Inline
osx/x86/shell_find_port  normal  OS X Command Shell, Find Port Inline
osx/x86/shell_reverse_tcp  normal  OS X Command Shell, Reverse TCP Inline
osx/x86/vforkshell/bind_tcp  normal  OS X (vfork) Command Shell, Bind TCP Stager
osx/x86/vforkshell/reverse_tcp  normal  OS X (vfork) Command Shell, Reverse TCP Stager
osx/x86/vforkshell_bind_tcp  normal  OS X (vfork) Command Shell, Bind TCP Inline
osx/x86/vforkshell_reverse_tcp  normal  OS X (vfork) Command Shell, Reverse TCP Inline
php/bind_perl  normal  PHP Command Shell, Bind TCP (via Perl)
php/bind_perl_ipv6  normal  PHP Command Shell, Bind TCP (via perl) IPv6
php/bind_php  normal  PHP Command Shell, Bind TCP (via PHP)
php/bind_php_ipv6  normal  PHP Command Shell, Bind TCP (via php) IPv6
php/download_exec  normal  PHP Executable Download and Execute
php/exec  normal  PHP Execute Command
php/meterpreter/bind_tcp  normal  PHP Meterpreter, Bind TCP Stager
php/meterpreter/bind_tcp_ipv6  normal  PHP Meterpreter, Bind TCP Stager IPv6
php/meterpreter/bind_tcp_ipv6_uuid  normal  PHP Meterpreter, Bind TCP Stager IPv6 with UUID Support
php/meterpreter/bind_tcp_uuid  normal  PHP Meterpreter, Bind TCP Stager with UUID Support
php/meterpreter/reverse_tcp  normal  PHP Meterpreter, PHP Reverse TCP Stager
php/meterpreter/reverse_tcp_uuid  normal  PHP Meterpreter, PHP Reverse TCP Stager
php/meterpreter_reverse_tcp  normal  PHP Meterpreter, Reverse TCP Inline
php/reverse_perl  normal  PHP Command, Double Reverse TCP Connection (via Perl)
php/reverse_php  normal  PHP Command Shell, Reverse TCP (via PHP)
php/shell_findsock  normal  PHP Command Shell, Find Sock
python/meterpreter/bind_tcp  normal  Python Meterpreter, Python Bind TCP Stager
python/meterpreter/bind_tcp_uuid  normal  Python Meterpreter, Python Bind TCP Stager with UUID Support
python/meterpreter/reverse_http  normal  Python Meterpreter, Python Reverse HTTP Stager
python/meterpreter/reverse_https  normal  Python Meterpreter, Python Reverse HTTPS Stager
python/meterpreter/reverse_tcp  normal  Python Meterpreter, Python Reverse TCP Stager
python/meterpreter/reverse_tcp_ssl  normal  Python Meterpreter, Python Reverse TCP SSL Stager
python/meterpreter/reverse_tcp_uuid  normal  Python Meterpreter, Python Reverse TCP Stager with UUID Support
python/meterpreter_bind_tcp  normal  Python Meterpreter Shell, Bind TCP Inline
python/meterpreter_reverse_http  normal  Python Meterpreter Shell, Reverse HTTP Inline
python/meterpreter_reverse_https  normal  Python Meterpreter Shell, Reverse HTTPS Inline
python/meterpreter_reverse_tcp  normal  Python Meterpreter Shell, Reverse TCP Inline
python/shell_reverse_tcp  normal  Command Shell, Reverse TCP (via python)
python/shell_reverse_tcp_ssl  normal  Command Shell, Reverse TCP SSL (via python)
ruby/shell_bind_tcp  normal  Ruby Command Shell, Bind TCP
ruby/shell_bind_tcp_ipv6  normal  Ruby Command Shell, Bind TCP IPv6
ruby/shell_reverse_tcp  normal  Ruby Command Shell, Reverse TCP
ruby/shell_reverse_tcp_ssl  normal  Ruby Command Shell, Reverse TCP SSL
solaris/sparc/shell_bind_tcp  normal  Solaris Command Shell, Bind TCP Inline
solaris/sparc/shell_find_port  normal  Solaris Command Shell, Find Port Inline
solaris/sparc/shell_reverse_tcp  normal  Solaris Command Shell, Reverse TCP Inline
solaris/x86/shell_bind_tcp  normal  Solaris Command Shell, Bind TCP Inline
solaris/x86/shell_find_port  normal  Solaris Command Shell, Find Port Inline
solaris/x86/shell_reverse_tcp  normal  Solaris Command Shell, Reverse TCP Inline
tty/unix/interact  normal  Unix TTY, Interact with Established Connection
windows/adduser  normal  Windows Execute net user /ADD
windows/dllinject/bind_hidden_ipknock_tcp  normal  Reflective DLL Injection, Hidden Bind Ipknock TCP Stager
windows/dllinject/bind_hidden_tcp  normal  Reflective DLL Injection, Hidden Bind TCP Stager
windows/dllinject/bind_ipv6_tcp  normal  Reflective DLL Injection, Bind IPv6 TCP Stager (Windows x86)
windows/dllinject/bind_ipv6_tcp_uuid  normal  Reflective DLL Injection, Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/dllinject/bind_nonx_tcp  normal  Reflective DLL Injection, Bind TCP Stager (No NX or Win7)
windows/dllinject/bind_tcp  normal  Reflective DLL Injection, Bind TCP Stager (Windows x86)
windows/dllinject/bind_tcp_rc4  normal  Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/dllinject/bind_tcp_uuid  normal  Reflective DLL Injection, Bind TCP Stager with UUID Support (Windows x86)
windows/dllinject/find_tag  normal  Reflective DLL Injection, Find Tag Ordinal Stager
windows/dllinject/reverse_hop_http  normal  Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager
windows/dllinject/reverse_http  normal  Reflective DLL Injection, Windows Reverse HTTP Stager (wininet)
windows/dllinject/reverse_http_proxy_pstore  normal  Reflective DLL Injection, Reverse HTTP Stager Proxy
windows/dllinject/reverse_ipv6_tcp  normal  Reflective DLL Injection, Reverse TCP Stager (IPv6)
windows/dllinject/reverse_nonx_tcp  normal  Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)
windows/dllinject/reverse_ord_tcp  normal  Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7)
windows/dllinject/reverse_tcp  normal  Reflective DLL Injection, Reverse TCP Stager
windows/dllinject/reverse_tcp_allports  normal  Reflective DLL Injection, Reverse All-Port TCP Stager
windows/dllinject/reverse_tcp_dns  normal  Reflective DLL Injection, Reverse TCP Stager (DNS)
windows/dllinject/reverse_tcp_rc4  normal  Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/dllinject/reverse_tcp_rc4_dns  normal  Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/dllinject/reverse_tcp_uuid  normal  Reflective DLL Injection, Reverse TCP Stager with UUID Support
windows/dllinject/reverse_winhttp  normal  Reflective DLL Injection, Windows Reverse HTTP Stager (winhttp)
windows/dns_txt_query_exec  normal  DNS TXT Record Payload Download and Execution
windows/download_exec  normal  Windows Executable Download (http,https,ftp) and Execute
windows/exec  normal  Windows Execute Command
windows/format_all_drives  manual  Windows Drive Formatter
windows/loadlibrary  normal  Windows LoadLibrary Path
windows/messagebox  normal  Windows MessageBox
windows/meterpreter/bind_hidden_ipknock_tcp  normal  Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager
windows/meterpreter/bind_hidden_tcp  normal  Windows Meterpreter (Reflective Injection), Hidden Bind TCP Stager
windows/meterpreter/bind_ipv6_tcp  normal  Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager (Windows x86)
windows/meterpreter/bind_ipv6_tcp_uuid  normal  Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/meterpreter/bind_nonx_tcp  normal  Windows Meterpreter (Reflective Injection), Bind TCP Stager (No NX or Win7)
windows/meterpreter/bind_tcp  normal  Windows Meterpreter (Reflective Injection), Bind TCP Stager (Windows x86)
windows/meterpreter/bind_tcp_rc4  normal  Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/meterpreter/bind_tcp_uuid  normal  Windows Meterpreter (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86)
windows/meterpreter/find_tag  normal  Windows Meterpreter (Reflective Injection), Find Tag Ordinal Stager
windows/meterpreter/reverse_hop_http  normal  Windows Meterpreter (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
windows/meterpreter/reverse_http  normal  Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (wininet)
windows/meterpreter/reverse_http_proxy_pstore  normal  Windows Meterpreter (Reflective Injection), Reverse HTTP Stager Proxy
windows/meterpreter/reverse_https  normal  Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet)
windows/meterpreter/reverse_https_proxy  normal  Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy
windows/meterpreter/reverse_ipv6_tcp  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager (IPv6)
windows/meterpreter/reverse_nonx_tcp  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7)
windows/meterpreter/reverse_ord_tcp  normal  Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
windows/meterpreter/reverse_tcp  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager
windows/meterpreter/reverse_tcp_allports  normal  Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager
windows/meterpreter/reverse_tcp_dns  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager (DNS)
windows/meterpreter/reverse_tcp_rc4  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/meterpreter/reverse_tcp_rc4_dns  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/meterpreter/reverse_tcp_uuid  normal  Windows Meterpreter (Reflective Injection), Reverse TCP Stager with UUID Support
windows/meterpreter/reverse_winhttp  normal  Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (winhttp)
windows/meterpreter/reverse_winhttps  normal  Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (winhttp)
windows/meterpreter_bind_tcp  normal  Windows Meterpreter Shell, Bind TCP Inline
windows/meterpreter_reverse_http  normal  Windows Meterpreter Shell, Reverse HTTP Inline
windows/meterpreter_reverse_https  normal  Windows Meterpreter Shell, Reverse HTTPS Inline
windows/meterpreter_reverse_ipv6_tcp  normal  Windows Meterpreter Shell, Reverse TCP Inline (IPv6)
windows/meterpreter_reverse_tcp  normal  Windows Meterpreter Shell, Reverse TCP Inline
windows/metsvc_bind_tcp  normal  Windows Meterpreter Service, Bind TCP
windows/metsvc_reverse_tcp  normal  Windows Meterpreter Service, Reverse TCP Inline
windows/patchupdllinject/bind_hidden_ipknock_tcp  normal  Windows Inject DLL, Hidden Bind Ipknock TCP Stager
windows/patchupdllinject/bind_hidden_tcp  normal  Windows Inject DLL, Hidden Bind TCP Stager
windows/patchupdllinject/bind_ipv6_tcp  normal  Windows Inject DLL, Bind IPv6 TCP Stager (Windows x86)
windows/patchupdllinject/bind_ipv6_tcp_uuid  normal  Windows Inject DLL, Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/patchupdllinject/bind_nonx_tcp  normal  Windows Inject DLL, Bind TCP Stager (No NX or Win7)
windows/patchupdllinject/bind_tcp  normal  Windows Inject DLL, Bind TCP Stager (Windows x86)
windows/patchupdllinject/bind_tcp_rc4  normal  Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/patchupdllinject/bind_tcp_uuid  normal  Windows Inject DLL, Bind TCP Stager with UUID Support (Windows x86)
windows/patchupdllinject/find_tag  normal  Windows Inject DLL, Find Tag Ordinal Stager
windows/patchupdllinject/reverse_ipv6_tcp  normal  Windows Inject DLL, Reverse TCP Stager (IPv6)
windows/patchupdllinject/reverse_nonx_tcp  normal  Windows Inject DLL, Reverse TCP Stager (No NX or Win7)
windows/patchupdllinject/reverse_ord_tcp  normal  Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or Win7)
windows/patchupdllinject/reverse_tcp  normal  Windows Inject DLL, Reverse TCP Stager
windows/patchupdllinject/reverse_tcp_allports  normal  Windows Inject DLL, Reverse All-Port TCP Stager
windows/patchupdllinject/reverse_tcp_dns  normal  Windows Inject DLL, Reverse TCP Stager (DNS)
windows/patchupdllinject/reverse_tcp_rc4  normal  Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/patchupdllinject/reverse_tcp_rc4_dns  normal  Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/patchupdllinject/reverse_tcp_uuid  normal  Windows Inject DLL, Reverse TCP Stager with UUID Support
windows/patchupmeterpreter/bind_hidden_ipknock_tcp  normal  Windows Meterpreter (skape/jt Injection), Hidden Bind Ipknock TCP Stager
windows/patchupmeterpreter/bind_hidden_tcp  normal  Windows Meterpreter (skape/jt Injection), Hidden Bind TCP Stager
windows/patchupmeterpreter/bind_ipv6_tcp  normal  Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager (Windows x86)
windows/patchupmeterpreter/bind_ipv6_tcp_uuid  normal  Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/patchupmeterpreter/bind_nonx_tcp  normal  Windows Meterpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7)
windows/patchupmeterpreter/bind_tcp  normal  Windows Meterpreter (skape/jt Injection), Bind TCP Stager (Windows x86)
windows/patchupmeterpreter/bind_tcp_rc4  normal  Windows Meterpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/patchupmeterpreter/bind_tcp_uuid  normal  Windows Meterpreter (skape/jt Injection), Bind TCP Stager with UUID Support (Windows x86)
windows/patchupmeterpreter/find_tag  normal  Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stager
windows/patchupmeterpreter/reverse_ipv6_tcp  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (IPv6)
windows/patchupmeterpreter/reverse_nonx_tcp  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7)
windows/patchupmeterpreter/reverse_ord_tcp  normal  Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7)
windows/patchupmeterpreter/reverse_tcp  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager
windows/patchupmeterpreter/reverse_tcp_allports  normal  Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager
windows/patchupmeterpreter/reverse_tcp_dns  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (DNS)
windows/patchupmeterpreter/reverse_tcp_rc4  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/patchupmeterpreter/reverse_tcp_rc4_dns  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/patchupmeterpreter/reverse_tcp_uuid  normal  Windows Meterpreter (skape/jt Injection), Reverse TCP Stager with UUID Support
windows/powershell_bind_tcp  normal  Windows Interactive Powershell Session, Bind TCP
windows/powershell_reverse_tcp  normal  Windows Interactive Powershell Session, Reverse TCP
windows/shell/bind_hidden_ipknock_tcp  normal  Windows Command Shell, Hidden Bind Ipknock TCP Stager
windows/shell/bind_hidden_tcp  normal  Windows Command Shell, Hidden Bind TCP Stager
windows/shell/bind_ipv6_tcp  normal  Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
windows/shell/bind_ipv6_tcp_uuid  normal  Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/shell/bind_nonx_tcp  normal  Windows Command Shell, Bind TCP Stager (No NX or Win7)
windows/shell/bind_tcp  normal  Windows Command Shell, Bind TCP Stager (Windows x86)
windows/shell/bind_tcp_rc4  normal  Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/shell/bind_tcp_uuid  normal  Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86)
windows/shell/find_tag  normal  Windows Command Shell, Find Tag Ordinal Stager
windows/shell/reverse_ipv6_tcp  normal  Windows Command Shell, Reverse TCP Stager (IPv6)
windows/shell/reverse_nonx_tcp  normal  Windows Command Shell, Reverse TCP Stager (No NX or Win7)
windows/shell/reverse_ord_tcp  normal  Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)
windows/shell/reverse_tcp  normal  Windows Command Shell, Reverse TCP Stager
windows/shell/reverse_tcp_allports  normal  Windows Command Shell, Reverse All-Port TCP Stager
windows/shell/reverse_tcp_dns  normal  Windows Command Shell, Reverse TCP Stager (DNS)
windows/shell/reverse_tcp_rc4  normal  Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/shell/reverse_tcp_rc4_dns  normal  Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/shell/reverse_tcp_uuid  normal  Windows Command Shell, Reverse TCP Stager with UUID Support
windows/shell_bind_tcp  normal  Windows Command Shell, Bind TCP Inline
windows/shell_bind_tcp_xpfw  normal  Windows Disable Windows ICF, Command Shell, Bind TCP Inline
windows/shell_hidden_bind_tcp  normal  Windows Command Shell, Hidden Bind TCP Inline
windows/shell_reverse_tcp  normal  Windows Command Shell, Reverse TCP Inline
windows/speak_pwned  normal  Windows Speech API - Say "You Got Pwned!"
windows/upexec/bind_hidden_ipknock_tcp  normal  Windows Upload/Execute, Hidden Bind Ipknock TCP Stager
windows/upexec/bind_hidden_tcp  normal  Windows Upload/Execute, Hidden Bind TCP Stager
windows/upexec/bind_ipv6_tcp  normal  Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)
windows/upexec/bind_ipv6_tcp_uuid  normal  Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/upexec/bind_nonx_tcp  normal  Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
windows/upexec/bind_tcp  normal  Windows Upload/Execute, Bind TCP Stager (Windows x86)
windows/upexec/bind_tcp_rc4  normal  Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/upexec/bind_tcp_uuid  normal  Windows Upload/Execute, Bind TCP Stager with UUID Support (Windows x86)
windows/upexec/find_tag  normal  Windows Upload/Execute, Find Tag Ordinal Stager
windows/upexec/reverse_ipv6_tcp  normal  Windows Upload/Execute, Reverse TCP Stager (IPv6)
windows/upexec/reverse_nonx_tcp  normal  Windows Upload/Execute, Reverse TCP Stager (No NX or Win7)
windows/upexec/reverse_ord_tcp  normal  Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
windows/upexec/reverse_tcp  normal  Windows Upload/Execute, Reverse TCP Stager
windows/upexec/reverse_tcp_allports  normal  Windows Upload/Execute, Reverse All-Port TCP Stager
windows/upexec/reverse_tcp_dns  normal  Windows Upload/Execute, Reverse TCP Stager (DNS)
windows/upexec/reverse_tcp_rc4  normal  Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
windows/upexec/reverse_tcp_rc4_dns  normal  Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
windows/upexec/reverse_tcp_uuid  normal  Windows Upload/Execute, Reverse TCP Stager with UUID Support
windows/vncinject/bind_hidden_ipknock_tcp  normal  VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager
windows/vncinject/bind_hidden_tcp  normal  VNC Server (Reflective Injection), Hidden Bind TCP Stager
windows/vncinject/bind_ipv6_tcp  normal  VNC Server (Reflective Injection), Bind IPv6 TCP Stager (Windows x86)
windows/vncinject/bind_ipv6_tcp_uuid  normal  VNC Server (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
windows/vncinject/bind_nonx_tcp  normal  VNC Server (Reflective Injection), Bind TCP Stager (No NX or Win7)
windows/vncinject/bind_tcp  normal  VNC Server (Reflective Injection), Bind TCP Stager (Windows x86)
windows/vncinject/bind_tcp_rc4  normal  VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
windows/vncinject/bind_tcp_uuid  normal  VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86)
windows/vncinject/find_tag  normal  VNC Server (Reflective Injection), Find Tag Ordinal Stager
windows/vncinject/reverse_hop_http  normal  VNC Server (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
windows/vncinject/reverse_http  normal  VNC Server (Reflective Injection), Windows Reverse HTTP Stager (wininet)
windows/vncinject/reverse_http_proxy_pstore  normal  VNC Server (Reflective Injection), Reverse HTTP Stager Proxy
windows/vncinject/reverse_ipv6_tcp  normal  VNC Server
(Reflective Injection), Reverse TCP Stager (IPv6) windows/vncinject/reverse_nonx_tcp normal VNC Server (Reflective Injection), Reverse TCP Stager (No NX or Win7) windows/vncinject/reverse_ord_tcp normal VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7) windows/vncinject/reverse_tcp normal VNC Server (Reflective Injection), Reverse TCP Stager windows/vncinject/reverse_tcp_allports normal VNC Server (Reflective Injection), Reverse All-Port TCP Stager windows/vncinject/reverse_tcp_dns normal VNC Server (Reflective Injection), Reverse TCP Stager (DNS) windows/vncinject/reverse_tcp_rc4 normal VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm) windows/vncinject/reverse_tcp_rc4_dns normal VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm) windows/vncinject/reverse_tcp_uuid normal VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support windows/vncinject/reverse_winhttp normal VNC Server (Reflective Injection), Windows Reverse HTTP Stager (winhttp) windows/x64/exec normal Windows x64 Execute Command windows/x64/loadlibrary normal Windows x64 LoadLibrary Path windows/x64/meterpreter/bind_ipv6_tcp normal Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager windows/x64/meterpreter/bind_ipv6_tcp_uuid normal Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager with UUID Support windows/x64/meterpreter/bind_tcp normal Windows Meterpreter (Reflective Injection x64), Windows x64 Bind TCP Stager windows/x64/meterpreter/bind_tcp_uuid normal Windows Meterpreter (Reflective Injection x64), Bind TCP Stager with UUID Support (Windows x64) windows/x64/meterpreter/reverse_http normal Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) windows/x64/meterpreter/reverse_https normal Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet) 
windows/x64/meterpreter/reverse_tcp normal Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse TCP Stager windows/x64/meterpreter/reverse_tcp_uuid normal Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager with UUID Support (Windows x64) windows/x64/meterpreter/reverse_winhttp normal Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (winhttp) windows/x64/meterpreter/reverse_winhttps normal Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTPS Stager (winhttp) windows/x64/meterpreter_bind_tcp normal Windows Meterpreter Shell, Bind TCP Inline (x64) windows/x64/meterpreter_reverse_http normal Windows Meterpreter Shell, Reverse HTTP Inline (x64) windows/x64/meterpreter_reverse_https normal Windows Meterpreter Shell, Reverse HTTPS Inline (x64) windows/x64/meterpreter_reverse_ipv6_tcp normal Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64) windows/x64/meterpreter_reverse_tcp normal Windows Meterpreter Shell, Reverse TCP Inline x64 windows/x64/powershell_bind_tcp normal Windows Interactive Powershell Session, Bind TCP windows/x64/powershell_reverse_tcp normal Windows Interactive Powershell Session, Reverse TCP windows/x64/shell/bind_ipv6_tcp normal Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager windows/x64/shell/bind_ipv6_tcp_uuid normal Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support windows/x64/shell/bind_tcp normal Windows x64 Command Shell, Windows x64 Bind TCP Stager windows/x64/shell/bind_tcp_uuid normal Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64) windows/x64/shell/reverse_tcp normal Windows x64 Command Shell, Windows x64 Reverse TCP Stager windows/x64/shell/reverse_tcp_uuid normal Windows x64 Command Shell, Reverse TCP Stager with UUID Support (Windows x64) windows/x64/shell_bind_tcp normal Windows x64 Command Shell, Bind TCP Inline windows/x64/shell_reverse_tcp normal Windows x64 Command Shell, Reverse 
TCP Inline windows/x64/vncinject/bind_ipv6_tcp normal Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager windows/x64/vncinject/bind_ipv6_tcp_uuid normal Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager with UUID Support windows/x64/vncinject/bind_tcp normal Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager windows/x64/vncinject/bind_tcp_uuid normal Windows x64 VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x64) windows/x64/vncinject/reverse_http normal Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) windows/x64/vncinject/reverse_https normal Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet) windows/x64/vncinject/reverse_tcp normal Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager windows/x64/vncinject/reverse_tcp_uuid normal Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support (Windows x64) windows/x64/vncinject/reverse_winhttp normal Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (winhttp) windows/x64/vncinject/reverse_winhttps normal Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager (winhttp) msf >
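Payload module naming rule
operating system/type/module name
For example: windows/shell/bind_tcp
Rank indicates how usable the module is.
Description is a brief summary of the payload module.
To view detailed information about a payload module: info <module name>
info windows/shell/bind_tcp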
msf > info windows/shell/bind_tcp

       Name: Windows Command Shell, Bind TCP Stager (Windows x86)
     Module: payload/windows/shell/bind_tcp
   Platform: Windows
       Arch: x86
Needs Admin: No
 Total size: 285
       Rank: Normal

Provided by:
    spoonm <spoonm@no$email.com>
    sf <stephen_fewer@harmonysecurity.com>
    hdm <x@hdm.io>
    skape <mmiller@hick.org>

Basic options:
Name      Current Setting  Required  Description
----      ---------------  --------  -----------
EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)
LPORT     4444             yes       The listen port
RHOST                      no        The target address

Description:
  Spawn a piped command shell (staged). Listen for a connection
  (Windows x86)

msf >
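All of this can be read clearly from the output above.
When using payload modules, keep the order of operations clear: first choose the exploit module, then choose the payload module. (Start)
Once we have selected an exploit module and set its options, we can run show payloads to see which payloads the current exploit can use.
In short, first decide which exploit to use, and only then choose the payload.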
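Payload module naming rule
operating system/type/module name
For example: windows/shell/bind_tcp
The main types are:
shell: obtains a shell
Dllinject: uploads a DLL and injects it into a process
Patchup***: patches the vulnerability
Upexec: uploads and executes a file
Meterpreter: advanced payload
Vncinject: advanced payload
PassiveX: advanced payload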
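Payload name conventions
shell_find_tag: creates a shell on an already established connection
shell_reverse_tcp: connects back to the attacker's host and creates a shell
bind_tcp: listens for a TCP connection
reverse_tcp: establishes a reverse TCP connection
reverse_http: communicates through an HTTP tunnel
add_user: creates a new user and adds it to the administrators group
xxx_ipv6_tcp: IPv6-based
xxx_nonx_tcp: no No eXecute (NX) or Win7 (NX is a CPU-level technique that helps prevent buffer overflows)
xxx_ord_tcp: ordinal payload
xxx_tcp_allports: on all possible ports
For more detail, see:
http://www.offensive-security.com/metasploit-unleashed/A-Bit-About-Payloads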
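The naming rules above can be applied mechanically when reading a `show payloads` listing. The following is an added example (not code from the original post or from the Metasploit project) that splits a module path into its fields; it goes beyond the three-field rule to cover the optional architecture segment and the inline `type_name` form that appear in the listing, and the `ARCH`, `MODIFIERS` and `CONTROL` tables are assumptions of this example.

```python
# Added example: decode Metasploit payload module paths into their fields.
ARCH = {"x86", "x64", "ppc", "sparc"}  # assumed: arch segments seen in the listing
MODIFIERS = {"ipv6", "nonx", "ord", "allports", "rc4", "uuid", "hidden", "ipknock", "dns"}
CONTROL = {  # which defensive control each connection direction points at
    "bind": "target listens: restrict inbound ports at the host firewall",
    "reverse": "target connects out: enforce egress filtering",
    "reuse": "reuses the exploited connection: monitor the exposed service",
    "none": "no network channel of its own",
}

def parse_payload(path):
    parts = path.strip().split("/")
    if len(parts) < 2 or not all(parts):
        raise ValueError("not a payload module path: %r" % path)
    platform, rest = parts[0], parts[1:]
    # Optional architecture segment, e.g. windows/x64/shell/bind_tcp.
    arch = rest.pop(0) if len(rest) > 1 and rest[0] in ARCH else None
    if len(rest) == 2:      # type/stager form ("Stager" in the listing)
        ptype, name, staged = rest[0], rest[1], True
    elif len(rest) == 1:    # type_name form ("Inline" in the listing)
        ptype, _, name = rest[0].partition("_")
        staged = False
    else:
        raise ValueError("unexpected segment count: %r" % path)
    tokens = set(name.split("_"))
    if "bind" in tokens:
        direction = "bind"
    elif "reverse" in tokens:
        direction = "reverse"
    elif "find" in tokens:   # find_tag / find_port reuse an existing connection
        direction = "reuse"
    else:
        direction = "none"
    if tokens & {"https", "winhttps"}:
        transport = "https"
    elif tokens & {"http", "winhttp"}:
        transport = "http"
    else:
        transport = "tcp" if "tcp" in tokens else None
    return {"platform": platform, "arch": arch, "type": ptype, "staged": staged,
            "direction": direction, "transport": transport,
            "modifiers": sorted(tokens & MODIFIERS), "control": CONTROL[direction]}

# Sample names copied from the `show payloads` listing on this page.
SAMPLES = ["windows/shell/bind_tcp", "windows/shell_bind_tcp",
           "windows/x64/meterpreter/reverse_https", "windows/upexec/find_tag",
           "windows/vncinject/bind_ipv6_tcp_uuid", "windows/x64/exec"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, parse_payload(s))
```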
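Listing the specific options of a payload module (including after the exploit's parameters have been set)
How to select and use a payload module
set PAYLOAD payload_name
Then set the options: set RHOST 192.168.0.1
Here, we already set this earlier in the exploits module.
The exploit and payload are now fully configured, and we can proceed to exploit the target host.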
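Note:
1) Payloads are nothing more than sequences of assembly instructions, usually preceded by NOPs.
2) This can serve as a signature for developing detection of these attacks, so payloads need to be encoded and the NOPs varied in order to evade IDS or IPS detection.
3) MSF provides a number of encoders and several NOP generators, which make the detection process extremely difficult.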
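The note above, seen from the detection side, as an added example (not from the original post or from Metasploit): a signature for runs of 0x90 catches the classic padding but not padding built from other one-byte instructions, so the check is widened to a set of such bytes. The opcode set, the `min_len` threshold and the three sample buffers are assumptions constructed for this example.

```python
# Added example: flag sled-like padding in a byte buffer.
# Assumed (illustrative, not exhaustive) set of one-byte 32-bit x86
# instructions that can pad a sled in place of 0x90.
NOP_LIKE = frozenset(
    [0x90]                                         # nop
    + list(range(0x40, 0x50))                      # inc/dec r32 (also ASCII '@'..'O')
    + list(range(0x91, 0x98))                      # xchg eax, r32
    + [0x98, 0x99, 0x9F, 0xF5, 0xF8, 0xF9, 0xFC]   # cwde cdq lahf cmc clc stc cld
)

def longest_run(data, allowed):
    """Return (offset, length) of the longest run of bytes drawn from allowed."""
    best_off = best_len = run = 0
    for i, byte in enumerate(data):
        run = run + 1 if byte in allowed else 0
        if run > best_len:
            best_off, best_len = i - run + 1, run
    return best_off, best_len

def scan(data, min_len=32):
    """Classify a buffer; min_len is an assumed threshold to tune per sensor."""
    off, length = longest_run(data, {0x90})
    if length >= min_len:
        return ("classic-nop-sled", off, length)
    # Wider check: any mix of NOP-like bytes, which a 0x90-only rule misses.
    off, length = longest_run(data, NOP_LIKE)
    if length >= min_len:
        return ("nop-equivalent-sled", off, length)
    return ("none", off, length)

# Constructed inputs; 0xCC (int3) stands in for whatever follows the padding.
BENIGN = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
CLASSIC = b"\x00" * 8 + b"\x90" * 64 + b"\xcc" * 4
VARIED = (b"\x00" * 8
          + bytes([0x41, 0x97, 0xF8, 0x4A, 0x99, 0x90, 0xFC, 0x43]) * 8
          + b"\xcc" * 4)

if __name__ == "__main__":
    for label, buf in (("benign", BENIGN), ("classic", CLASSIC), ("varied", VARIED)):
        print(label, scan(buf))
```

Because 0x40 to 0x4F overlap ASCII '@' through 'O', a long run of those capitals also matches the wider check, so the threshold has to be tuned against real traffic.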