Home page logo

metasploit logo Metasploit mailing list archives

need help for msfweb/msfconsole
From: exploit1001 at gmail.com (ExploiT)
Date: Tue, 2 Aug 2005 12:37:17 -0400

On 8/2/05, net spy <n4net_spy at yahoo.com> wrote:
 guyz i need lil info about msfweb that how to use it
since im new to this tool and also the information
about PAYLOAD some time i use some exploit agains my
another system it ask for payload but im confure wat
payload to use.any help would be appreciated.


Send instant messages to your online friends http://uk.messenger.yahoo.com

Well, it all depends on what you want, i'm assuming your exploiting a
windows host, so the payloads for a windows OS are as follows:

  win32_adduser                           Windows Execute net user /ADD
  win32_bind                                Windows Bind Shell
  win32_bind_stg_upexec             Windows Staged Bind Upload/Execute
  win32_bind_vncinject                 Windows Bind VNC Server DLL Inject
  win32_exec                              Windows Execute Command
  win32_findrecv_ord_meterpreter Windows Recv Tag Findsock Meterpreter
  win32_findrecv_ord_stg             Windows Recv Tag Findsock Shell
  win32_findrecv_ord_vncinject     Windows Recv Tag Findsock VNC Inject
  win32_passivex                        Windows PassiveX ActiveX
Injection Payload
  win32_passivex_meterpreter      Windows PassiveX ActiveX Inject
Meterpreter Payload
  win32_passivex_stg                  Windows Staged PassiveX Shell
  win32_passivex_vncinject          Windows PassiveX ActiveX Inject
VNC Server Payload
  win32_reverse                           Windows Reverse Shell
  win32_reverse_dllinject              Windows Reverse DLL Inject
  win32_reverse_meterpreter         Windows Reverse Meterpreter DLL Inject
  win32_reverse_ord                     Windows Staged Reverse Ordinal Shell
  win32_reverse_ord_vncinject       Windows Reverse Ordinal VNC Server Inject
  win32_reverse_stg                     Windows Staged Reverse Shell
  win32_reverse_stg_upexec         Windows Staged Reverse Upload/Execute
  win32_reverse_vncinject              Windows Reverse VNC Server Inject

Ok, the basic ones you'll use are win32_bind, all it does is bind a
remote shell from the victim system to a certain port of your

Another basic one is win32_exec, all it does is executes a command
that you specify on the victim system...thats it.

win32_adduser simply adds a user account that you specify to the victim machine.

win32_bind_vncinject, injects a vnc server onto the remote host, then
connects to it giving you full command line and graphical access to
the victim.

those are the basic ones...if you just want to gain access simply, i'd
use win32_bind...

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]