Shells & Payloads
Tools, Tactics, and Procedures for Payload Generation, Transfer, and Execution
Payload Generation
Resource
Description
MSFVenom & Metasploit-Framework
Payloads All The Things
Mythic C2 Framework
Nishang
Darkarmour
Payload Transfer and Execution
Impacket: Impacket is a toolset built in Python that provides us a way to interact with network protocols directly. Some of the most exciting tools we care about in Impacket deal with psexec, smbclient, wmi, Kerberos, and the ability to stand up an SMB server.
Payloads All The Things: is a great resource to find quick one-liners to help transfer files across hosts expediently.
SMB: SMB can provide an easy-to-exploit route to transfer files between hosts. This can be especially useful when the victim hosts are domain joined and utilize shares to host data. We, as attackers, can use these SMB file shares along with C$ and admin$ to host and transfer our payloads and even exfiltrate data over the links.
Remote execution via MSF: Built into many of the exploit modules in Metasploit is a function that will build, stage, and execute the payloads automatically.
Other Protocols: When looking at a host, protocols such as FTP, TFTP, HTTP/S, and more can provide you with a way to upload files to the host. Enumerate and pay attention to the functions that are open and available for use.
See File Transfers