Closed q2dg closed 5 years ago
Well, they are totally different tools.
For msfvenom, it is a SHELLCODE generator, which you could use in binary exploitation exploits. There is also the possibility to create staged and stageless payloads to a file, which in turn executes this SHELLCODE using many techniques and a lot of formats, depending on the operating system. On Windows, for example, to execute a meterpreter RAT, msfvenom creates a binary file in PE format which uses Reflective DLL Loader to inject the above-mentioned shellcode into a remote process.
Shellpop, on the other hand, is a Reverse Shell Generator with many capabilities like obfuscation and reaches a lot of exoteric protocols for reverse shells (like UDP), but doesn't go beyond that.
So, another practical difference between both tools would be the scenario below:
You have an RCE vulnerability in a web application, you could:
OR
You can note that MSFVENOM relies on the premise of another tool to download its code and execute it, while Shellpop, as a reverse shell generator, does not. It can be executed directly through the vulnerable vector and directly "from memory".
If you still need something to be cleared up, please, ask away.
If not, tell me that I can close this issue!
Ooh, a perfect explanation! Thanks a lot. I'll close the issue, then. Thanks!
Just as a side note, my statement in the first post might be misleading when I say that "msfvenom is a shellcode generator".
msfvenom also has some other functionalities, like generating payload files for web applications in general (php, war, asp, etc.), that are not related to shellcode and process injection and have some similarities with shellpop's main functionality, which is: "getting shells through code execution".
Their main difference is that shellpop focuses on dynamic one-liner commands to get a shell, while msfvenom in most situations like this generates you a file, which in some situations could be cumbersome (too big) or troublesome (no way to upload files, just execute commands).
Command execution is a primitive condition in order to get a remote shell before uploading files. It is probable that sometimes you will achieve command execution but file upload is not viable or even possible.
Thanks!