This a short and simple understanding what the payload types do and used for.

Metasploit payloads are pre -written exploits to use on targets system/site/server etc ….
There 546 payloads in Metasploit for u to have fun with in this part we talk about the different types

Types of payloads


inline payloads are single packages of exploits they are more stable but of the size u cant use them in small vulnerable memory areas ..


This type of payload is able to fit in to really small spaces and make a foot hold and then pull the rest the payload on the targets system


the most powerful of them all this the payload u want on the targets system it uses .dll injection to take over the system this leaves no trace of it ever been there as it hides in the memory 😉


PassiveX uses active x on internet explorer to hide the outbound traffic that the firewall disables

No NX is referred to as the no execute or NX on windows systems there is a built-in security feature called DEP (data execution prevention) the way it works is to keep data making its way to CPU and been executed


ORD is probably the oldest payload it really small and works on all windows systems it uses .dll to exploit their system


these are designed to hack networks using IPV6 protocol

Reflective dll Injection

this payload injects to the memory never writing to the hard drive this means there be little no trace back

Payload modules

there three types of modules that the payloads fall under


stage payloads use tiny stagers to fit in to small exploitation spaces like targets buffer or other memory area’s This this then loads small amount of code tobe executed on the system.
Larger staged payloads like complex payloads eg Meterpreter , VNC injection


Stagers are lot like stage payloads in the way then fit in to small memory areas its use to load larger payloads on to targets systems look it barracks in black ups were u have to take the barracks u send in on person before the team goes in this the same thing only with payloads its is hand to plant for later uses


singles (aka inline payloads ) these do not require a stager.
this is more stable and us used if the code it to large for a vulnerable memory area in the targets device.

Bear this in mind this only a fast example of the payloads and what they do so don’t be having a go at me as u want me to get in to detail well then have to 2 or 3 weeks to read it all this way you will know the payloads are what they are used for ..


Hi im the laughing man im a pentester and the owner of Hacking a rise

Leave a Reply