
Metasploit Payload Selection

Josh Hale edited this page May 22, 2016 · 2 revisions

Up next is selecting the payload that you would like to use for your HID attacks.

Since the HID will be plugged directly into the target computer, it is best to use a reverse connection payload. A reverse connection payload runs on the target computer and creates an outbound connection to your Kali machine. The benefit of reverse connections is that they can pass through firewalls that only block unsolicited inbound traffic, since the connection is established by the target machine from behind the firewall.
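To make the firewall point concrete, here is a small Python model of a stateful perimeter firewall. It is added here and is not part of the original wiki or of Metasploit; the addresses, ports and the egress allowlist are constructed assumptions. It shows why a connection initiated from the target passes rules that drop unsolicited inbound connections, and that an egress allowlist (only a corporate proxy permitted) stops the same outbound connection.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """First packet of a connection attempt crossing the perimeter firewall."""
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = inside host to the internet, "in" = internet to inside host


class StatefulFirewall:
    """Toy model: unsolicited inbound connections are dropped; outbound connections are
    allowed (optionally only to an egress allowlist) and their return traffic is matched
    against tracked connection state."""

    def __init__(self, egress_allow=None):
        # None means any outbound destination is permitted (a common default policy)
        self.egress_allow = egress_allow
        self.tracked = set()

    def decide(self, pkt):
        if pkt.direction == "out":
            if self.egress_allow is not None and (pkt.dst, pkt.dport) not in self.egress_allow:
                return "DROP"
            self.tracked.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "ALLOW"
        # inbound: allowed only as return traffic for a connection the inside host opened
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.tracked:
            return "ALLOW"
        return "DROP"


# Constructed addresses: INSIDE is the workstation, OUTSIDE the listener host, PROXY the egress proxy.
INSIDE, OUTSIDE, PROXY = "10.0.0.25", "203.0.113.10", "10.0.0.5"


def bind_style():
    """A listener on the workstation that the operator connects to: dropped by default rules."""
    fw = StatefulFirewall()
    return fw.decide(Packet(OUTSIDE, 50000, INSIDE, 4444, "in"))


def reverse_style(egress_allow=None):
    """Workstation connects out to port 443; the reply rides on the tracked state."""
    fw = StatefulFirewall(egress_allow)
    out = fw.decide(Packet(INSIDE, 50000, OUTSIDE, 443, "out"))
    back = fw.decide(Packet(OUTSIDE, 443, INSIDE, 50000, "in"))
    return out, back
```

Running `reverse_style()` with no allowlist returns ("ALLOW", "ALLOW"), while `reverse_style({(PROXY, 8080)})` returns ("DROP", "DROP"), which is the mitigation side of the same property.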

There are numerous reverse connection payloads available in Metasploit. This project specifically targets Windows machines, so we will keep it limited to Windows payloads. We will also focus on Meterpreter payloads, as they are generally the most useful. I will discuss VNC payloads in the post-exploitation page.

Here are a few of the options available:

windows/meterpreter/reverse_https
windows/meterpreter/reverse_http
windows/meterpreter/reverse_tcp

There are also x64 versions of these payloads. We look at using the x64 versions in the page on UAC bypassing.

windows/meterpreter/reverse_https

The payload that I use for this project is the standard Meterpreter reverse HTTPS payload, windows/meterpreter/reverse_https. This payload was chosen because it provides an SSL-encrypted channel between Kali and the target. It can be disguised as normal HTTPS traffic if you set up a listener on port 443 on your Kali machine. The Meterpreter reverse HTTPS payload is supported in Veil-Evasion. This payload is also packet-based and very robust.

For more information on the reverse HTTP and HTTPS payloads visit this Metasploit blog post by the father of MSF, HD Moore.

If you have another payload that you like using, feel free to do so. However, if it is not supported in Veil-Evasion, it may limit your options. This wiki will assume you are using the Meterpreter reverse HTTPS payload.


Now we will move on to generating our payloads.
