BSD x64 Command Shell, Reverse TCP Inline (IPv6) - Metasploit


This page contains detailed information about how to use the payload/bsd/x64/shell_reverse_ipv6_tcp metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Table Of Contents
hide

Module Overview

Name: BSD x64 Command Shell, Reverse TCP Inline (IPv6)
Module: payload/bsd/x64/shell_reverse_ipv6_tcp
Source code: modules/payloads/singles/bsd/x64/shell_reverse_ipv6_tcp.rb
Disclosure date: -
Last modification time: 2021-01-05 14:59:46 +0000
Supported architecture(s): x64
Supported platform(s): BSD
Target service / protocol: -
Target network port(s): -
List of CVEs: -

Connect back to attacker and spawn a command shell over IPv6

Module Ranking and Traits

Module Ranking:

  • normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Basic Usage

msf > use payload/bsd/x64/shell_reverse_ipv6_tcp
msf payload(shell_reverse_ipv6_tcp) > show options
    ... show and set options ...
msf payload(shell_reverse_ipv6_tcp) > generate

To learn how to generate payload/bsd/x64/shell_reverse_ipv6_tcp with msfvenom, please read this.

Required Options

  • LHOST: The listen address (an interface may be specified)

Go back to menu.

Msfconsole Usage

Here is how the bsd/x64/shell_reverse_ipv6_tcp payload looks in the msfconsole:

msf6 > use payload/bsd/x64/shell_reverse_ipv6_tcp

msf6 payload(bsd/x64/shell_reverse_ipv6_tcp) > show info

       Name: BSD x64 Command Shell, Reverse TCP Inline (IPv6)
     Module: payload/bsd/x64/shell_reverse_ipv6_tcp
   Platform: BSD
       Arch: x64
Needs Admin: No
 Total size: 105
       Rank: Normal

Provided by:
  Balazs Bucsay @xoreipeip <balazs.bucsay[-at-]rycon[-dot-]hu>

Basic options:
Name     Current Setting  Required  Description
----     ---------------  --------  -----------
LHOST                     yes       The listen address (an interface may be specified)
LPORT    4444             yes       The listen port
SCOPEID  0                no        IPv6 scope ID, for link-local addresses

Description:
  Connect back to attacker and spawn a command shell over IPv6

Module Options

This is a complete list of options available in the bsd/x64/shell_reverse_ipv6_tcp payload:

msf6 payload(bsd/x64/shell_reverse_ipv6_tcp) > show options

Module options (payload/bsd/x64/shell_reverse_ipv6_tcp):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   LHOST                     yes       The listen address (an interface may be specified)
   LPORT    4444             yes       The listen port
   SCOPEID  0                no        IPv6 scope ID, for link-local addresses

Advanced Options

Here is a complete list of advanced options supported by the bsd/x64/shell_reverse_ipv6_tcp payload:

msf6 payload(bsd/x64/shell_reverse_ipv6_tcp) > show advanced

Module advanced options (payload/bsd/x64/shell_reverse_ipv6_tcp):

   Name                        Current Setting  Required  Description
   ----                        ---------------  --------  -----------
   AppendExit                  false            no        Append a stub that executes the exit(0) system call
   AutoRunScript                                no        A script to run automatically on session creation.
   AutoVerifySession           true             yes       Automatically verify and drop invalid sessions
   CommandShellCleanupCommand                   no        A command to run before the session is closed
   CreateSession               true             no        Create a new session for every successful login
   InitialAutoRunScript                         no        An initial script to run on session creation (before AutoRunScript)
   PrependSetgid               false            no        Prepend a stub that executes the setgid(0) system call
   PrependSetregid             false            no        Prepend a stub that executes the setregid(0, 0) system call
   PrependSetresgid            false            no        Prepend a stub that executes the setresgid(0, 0, 0) system call
   PrependSetresuid            false            no        Prepend a stub that executes the setresuid(0, 0, 0) system call
   PrependSetreuid             false            no        Prepend a stub that executes the setreuid(0, 0) system call
   PrependSetuid               false            no        Prepend a stub that executes the setuid(0) system call
   ReverseAllowProxy           false            yes       Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
   ReverseListenerBindAddress                   no        The specific IP address to bind to on the local system
   ReverseListenerBindPort                      no        The port to bind to on the local system if different from LPORT
   ReverseListenerComm                          no        The specific communication channel to use for this listener
   ReverseListenerThreaded     false            yes       Handle every connection in a new thread (experimental)
   StagerRetryCount            10               no        The number of times the stager should retry if the first connect fails
   StagerRetryWait             5                no        Number of seconds to wait for the stager between reconnect attempts
   VERBOSE                     false            no        Enable detailed status messages
   WORKSPACE                                    no        Specify the workspace for this module

Go back to menu.

Go back to menu.

See Also

Check also the following modules related to this module:

Authors

Balazs Bucsay @xoreipeip <balazs.bucsay[-at-]rycon[-dot-]hu>

Version

This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.