In this post, You will learn what is a payload in Metasploit and its types and also you will learn how to generate a payload in Metasploit.
What is a payload in Metasploit❓
A payload in Metasploit is an exploit module. In simple terms payloads are a bunch of codes and once uploaded to the target machine then you can exploit the payload.
Types of payloads
There are 10 types of payloads in Metasploit they are;
- Inline (NON STAGED)
- Reflective DLL Injection
Among the 10 types of payloads in Metasploit only three of them are the main ones and the most often used payloads are;
Single payloads are self-contained and totally self-contained payloads. In simple terms, a single payload is adding a user to the target system.
As these singles payloads are self-contained there are many chances to get caught by netcat and similar tools.
Stagers are compact and dependable devices that establish a network connection between the attacker and the victim. It’s tough to accomplish both of these correctly all of the time, so the end effect is a lot of stagers that look the same.
Stages are payload components that Stagers modules download. Meterpreter, VNC Injection, and the iPhone ‘ipwn’ Shell are among the sophisticated capabilities available in the different payload stages, which have no size restrictions.
Inline (Non staged)
inline payloads are more stable than their equivalents because they include everything in one package. Anyways some exploits will exceed the size limit.
Meterpreter, is the short form of Meta-Interpreter. The Meterpreter is a very advanced payload that operates using the DLL injection.
PassiveX is a payload that can help you get around firewalls that block outbound traffic. It accomplishes this by creating a covert instance of Internet Explorer with the help of an ActiveX component.
The NONXStands for No execute. Some CPUs include a mechanism that prevents code from running in particular memory locations.
The Metasploit NoNX payloads are designed to circumvent DEP.
Ordinal payloads are Windows stager based payloads. The ORD Payloads are very tiny and compared to other payloads it is very fast.
The IPV6 Payloads are built to work with IPv6.
Reflective DLL Injection
Reflective DLL Injection is a method of injecting a stage payload into a compromised host process that is operating in memory and never touches the host hard disc.
Also Read: Metasploit commands