nerdexam
GIAC

GCIH · Question #658

Which of the following Metasploit tools will generate a payload that can be introduced to a Windows system as shown in the image?

The correct answer is A. Msfvenom. Msfvenom is the dedicated Metasploit tool for generating standalone, encoded payloads in formats such as Windows PE executables, DLLs, or raw shellcode that can be placed on a target system. It replaced the older separate msfpayload and msfencode utilities.

Vulnerability Exploitation & Privilege Escalation

Question

Which of the following Metasploit tools will generate a payload that can be introduced to a Windows system as shown in the image?

Exhibit

GCIH question #658 exhibit

Options

  • AMsfvenom
  • BMsfd
  • CMsfrpc
  • DMsfconsole

How the community answered

(29 responses)
  • A
    90% (26)
  • B
    3% (1)
  • D
    7% (2)

Why each option

Msfvenom is the dedicated Metasploit tool for generating standalone, encoded payloads in formats such as Windows PE executables, DLLs, or raw shellcode that can be placed on a target system. It replaced the older separate msfpayload and msfencode utilities.

AMsfvenomCorrect

Msfvenom creates self-contained payload files in a wide range of output formats - including .exe, .dll, .ps1, and raw shellcode - that can be introduced to a Windows system for execution independently of an active Metasploit console session. It supports encoding options to help evade signature-based detection and can embed payloads into existing binaries, making it the correct tool for delivering a Windows payload as depicted.

BMsfd

Msfd is the Metasploit daemon that runs the framework as a persistent background service for remote API connections - it is not used to generate payload files.

CMsfrpc

Msfrpc is the Remote Procedure Call interface that allows external applications to interact with the Metasploit API programmatically - it does not generate standalone payloads.

DMsfconsole

Msfconsole is the interactive command-line interface for launching exploits, managing listeners, and interacting with sessions - it does not generate standalone payload files intended to be dropped on a target.

Concept tested: Metasploit msfvenom standalone payload generation

Source: https://docs.metasploit.com/docs/using-metasploit/basics/how-to-use-msfvenom.html

Topics

#Metasploit#msfvenom#payload generation#shellcode

Community Discussion

No community discussion yet for this question.

Full GCIH Practice