After completing the video lectures of the Security Tube Linux 64 bit Assembler Expert course (SLAE64), a series of assessments must be completed to gain certification. This is the fifth assignment: analyse 3 payloads generated by the Metasploit msfvenom tool.
msfvenom replaces the msfpayload and msfencode tools, combining their functionality into a single application. The payloads available specifically for x64 Linux are quite limited:
root@kali:~# msfvenom -l | grep linux/x64
linux/x64/exec                          Execute an arbitrary command
linux/x64/meterpreter/bind_tcp          Inject the mettle server payload (staged). Listen for a connection
linux/x64/meterpreter/reverse_tcp       Inject the mettle server payload (staged). Connect back to the attacker
linux/x64/meterpreter_reverse_http      Run the Meterpreter / Mettle server payload (stageless)
linux/x64/meterpreter_reverse_https     Run the Meterpreter / Mettle server payload (stageless)
linux/x64/meterpreter_reverse_tcp       Run the Meterpreter / Mettle server payload (stageless)
linux/x64/shell/bind_tcp                Spawn a command shell (staged). Listen for a connection
linux/x64/shell/reverse_tcp             Spawn a command shell (staged). Connect back to the attacker
linux/x64/shell_bind_tcp                Listen for a connection and spawn a command shell
linux/x64/shell_bind_tcp_random_port    Listen for a connection in a random port and spawn a command shell. Use nmap to discover the open port: 'nmap -sS target -p-'.
linux/x64/shell_find_port               Spawn a shell on an established connection
linux/x64/shell_reverse_tcp             Connect back to attacker and spawn a command shell