Metasploit mailing list archives
need help for msfweb/msfconsole
From: exploit1001 at gmail.com (ExploiT)
Date: Tue, 2 Aug 2005 12:37:17 -0400
On 8/2/05, net spy <n4net_spy at yahoo.com> wrote:
hi guyz i need lil info about msfweb that how to use it since im new to this tool and also the information about PAYLOAD some time i use some exploit agains my another system it ask for payload but im confure wat payload to use.any help would be appreciated. Reagards Net_Spy Send instant messages to your online friends http://uk.messenger.yahoo.com
Well, it all depends on what you want, i'm assuming your exploiting a windows host, so the payloads for a windows OS are as follows: win32_adduser Windows Execute net user /ADD win32_bind Windows Bind Shell win32_bind_stg_upexec Windows Staged Bind Upload/Execute win32_bind_vncinject Windows Bind VNC Server DLL Inject win32_exec Windows Execute Command win32_findrecv_ord_meterpreter Windows Recv Tag Findsock Meterpreter win32_findrecv_ord_stg Windows Recv Tag Findsock Shell win32_findrecv_ord_vncinject Windows Recv Tag Findsock VNC Inject win32_passivex Windows PassiveX ActiveX Injection Payload win32_passivex_meterpreter Windows PassiveX ActiveX Inject Meterpreter Payload win32_passivex_stg Windows Staged PassiveX Shell win32_passivex_vncinject Windows PassiveX ActiveX Inject VNC Server Payload win32_reverse Windows Reverse Shell win32_reverse_dllinject Windows Reverse DLL Inject win32_reverse_meterpreter Windows Reverse Meterpreter DLL Inject win32_reverse_ord Windows Staged Reverse Ordinal Shell win32_reverse_ord_vncinject Windows Reverse Ordinal VNC Server Inject win32_reverse_stg Windows Staged Reverse Shell win32_reverse_stg_upexec Windows Staged Reverse Upload/Execute win32_reverse_vncinject Windows Reverse VNC Server Inject Ok, the basic ones you'll use are win32_bind, all it does is bind a remote shell from the victim system to a certain port of your choosing... Another basic one is win32_exec, all it does is executes a command that you specify on the victim system...thats it. win32_adduser simply adds a user account that you specify to the victim machine. win32_bind_vncinject, injects a vnc server onto the remote host, then connects to it giving you full command line and graphical access to the victim. those are the basic ones...if you just want to gain access simply, i'd use win32_bind...
Current thread:
- need help for msfweb/msfconsole net spy (Aug 02)
- need help for msfweb/msfconsole ExploiT (Aug 02)