Description
Generates Meterpreter shellcode using `msfvenom`, selecting the appropriate architecture and connection mode (reverse or bind), and outputs the resulting binary as a byte-array transformation object.
PowerShell Meterpreter Payload Generator
Overview
This PowerShell script acts as a wrapper around msfvenom to produce a Windows Meterpreter payload. Based on the selected parameter set, it builds either a reverse or bind payload, resolves the correct payload path for x86 or x64 architectures, executes msfvenom in a controlled environment, and reads the generated binary back into memory. The final output is returned as a ByteTransformResult object suitable for downstream obfuscation or transformation pipelines.
The script is designed to be non-interactive and pipeline-friendly, emitting only the generated payload data or throwing an error if payload generation fails.
Parameters
| Name | Type | Description |
|---|---|---|
Payload |
string |
The Meterpreter payload type to generate. Valid values are reverse_tcp, reverse_http, and reverse_https. Defaults to reverse_tcp. |
Architecture |
string |
The target architecture for the payload. Valid values are x86 and x64. This parameter is mandatory for all executions. |
RHost |
string |
The remote IP address or hostname that the reverse payload will connect back to. Required when using the reverse payload parameter set. |
RPort |
int |
The TCP port used by the reverse payload for callback communication. Defaults to 4444. |
LPort |
int |
The local TCP port that a bind payload will listen on. Defaults to 4444. |
Output
- Type:
SpecterInsight.Obfuscation.Classes.ByteTransformResult - Description: A byte-array wrapper containing the raw Meterpreter payload generated by
msfvenom.
Notes
- The script assumes
msfvenomis available in the execution environment. - A temporary file is used to store the generated payload before it is read back into memory.
- The script throws an exception if
msfvenomreturns a non-zero exit code. - The payload is not executed; it is emitted as data for further processing.