Skip to content

Payloads

Jump to bottom
Johnny Watts edited this page Apr 12, 2024 · 17 revisions

Payloads

  • From the main menu, press 2 to load the Payloads Menu to quickly and easily craft metasploit payloads for a wide variety of targets (options for windows x86/x64, linux x86/x64, mac/osx, android, and python).

  • Press enter to continue.

KSploit Payloads Splash Screen

  • Choose an option from the Payloads Menu :
  1. Windows Payloads - Choose Option 1 for Meterpreter payloads (exe) for Windows x86 and x64
  2. Linux Payloads - Choose Option 2 for Meterpreter payloads (elf) for Linux x86 and x64
  3. Mac/OSX Reverse TCP - Choose Option 3 for Meterpreter payload (macho) for Mac/OSX
  4. Android Meterpreter Reverse TCP - Choose Option 4 for Meterpreter payload (apk) for Android
  5. Unix Reverse Python - Choose Option 5 for Meterpreter payload (python) for systems running python

KSploit Payloads Menu

Windows Payloads

  • From the Main Payloads Menu, press 1 to load the Windows Payloads Menu.
  • Press enter to continue.

KSploit Windows Payloads Menu

You are presented with options:

  1. Windows x86 Meterpreter Reverse TCP - (Rarely Encountered) Choose Option 1 to craft a windows x86 (32 bit) meterpreter reverse tcp payload.
  2. Windows x64 Meterpreter Reverse TCP - (Most Modern Windows Systems) Choose Option 2 to craft a windows x64 (64 bit) meterpreter reverse tcp payload.

KSploit Windows Payloads Menu

Windows x86 Meterpreter Reverse TCP Payload

  • From the Windows Payloads Menu, choose option 1 to craft a windows x86 (32 bit) meterpreter reverse tcp payload.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Windows x86 Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Windows x86 Payload Port

  • The script will generate a shikata ga nai encoded windows/meterpreter/reverse_tcp payload and save it as "shell.exe" in the working directory

KSploit Windows x86 Payload Generated

Use this payload with a Windows Meterpreter Reverse TCP listener

Windows x64 Meterpreter Reverse TCP Payload

  • Choose option 2 to craft a windows x64 (64 bit) meterpreter reverse tcp payload.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Windows x64 Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Windows x64 Payload Port

  • The script will generate a xor encoded windows/x64/meterpreter/reverse_tcp payload and save it as "shell64.exe" in the working directory

KSploit Windows x64 Payload Generated

Use this payload with a Windows Meterpreter Reverse TCP listener

Linux Payloads

  • From the Main Payloads Menu, press 2 to load the Linux Payloads Menu.
  • Press enter to continue.

KSploit Linux Payloads Menu

You are presented with options:

  1. Linux x86 Meterpreter Reverse TCP - Choose Option 1 to craft a linux x86 (32 bit) meterpreter reverse tcp payload.
  2. Linux x64 Meterpreter Reverse TCP - Choose Option 2 to craft a windows x64 (64 bit) meterpreter reverse tcp payload.

KSploit Linux Payloads Menu

Linux x86 Meterpreter Reverse TCP Payload

  • From the Linux Payloads Menu, choose option 1 to craft a linux x86 (32 bit) meterpreter reverse tcp payload.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Linux x86 Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Linux x86 Payload Port

  • The script will generate a raw linux/meterpreter/reverse_tcp payload and save it as "shell.elf" in the working directory

KSploit Linux x86 Payload Generated

Use this payload with a Linux Meterpreter Reverse TCP listener

Linux x64 Meterpreter Reverse TCP Payload

  • Choose option 2 to craft a linux x64 (64 bit) meterpreter reverse tcp payload.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Linux x64 Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Linux x64 Payload Port

  • The script will generate a raw linux/x64/meterpreter/reverse_tcp payload and save it as "shell64.elf" in the working directory

KSploit Linux x64 Payload Generated

Use this payload with a Linux Meterpreter Reverse TCP listener

Mac-OSX Payload

  • From the Main Payloads Menu, press 3 to load the Mac/OSX Payloads Options.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Mac OSX Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Mac OSX Payload Port

  • The script will generate a raw osx/x86/shell_reverse_tcp payload and save it as "shell.macho" in the working directory

KSploit Mac OSX x86 Payload Generated

Use this payload with a OSX Reverse TCP Listener

Android Payload

  • From the Main Payloads Menu, press 4 to load the Android Payload Options.
  • Enter the attacker ip address (probably in the "current adapter addresses" displayed on your screen)

KSploit Android Payload

  • Enter the target port on the attacker machine, i.e.: 4444

KSploit Android Payload Port

  • The script will generate an android/meterpreter/reverse_tcp payload and save it as "shell.apk" in the working directory

KSploit Android Payload Generated

Use this payload with an Android Meterpreter Reverse TCP Listener

Disclaimer

The KSploit script is a tool intended for legitimate penetration testing and security research purposes only. It should only be used with explicit permission and in accordance with all applicable laws and regulations. The ability to generate malicious payloads and shell scripts raises significant ethical and legal concerns. Users of this tool are solely responsible for ensuring their actions are authorized and lawful.

Under no circumstances should this script be used to gain unauthorized access to systems, disrupt operations, or conduct any other malicious activities. The author and distributors of this tool will not be held liable for any misuse or damages resulting from its use.

It is the user's responsibility to only utilize KSploit within the scope of their authorized testing activities, to respect the privacy and security of all parties involved, and to discontinue use if concerns arise about the legality or ethics of their actions. Improper or illegal use of this tool may result in severe civil and criminal penalties.

📄 Table of Contents
Home
Installation Instructions
Usage Instructions
- Listeners Usage
- Payloads Usage
- Persistence Scripts Usage
- Windows exe Payload Injection Usage
Clone this wiki locally