Only use a stager if there is a stage to perform on – shell/reverse_tcp vs. shell_reverse_tcp


Just a quickie:

(If you don’t know what this is about, maybe you want to brush up your knowledge of offensive security.)

If you need to generate a simple reverse shell payload with Metasploit (msfpayload | msfencode), be aware of the difference between shell/reverse_tcp and shell_reverse_tcp!

shell/reverse_tcp is just a stager that connects back to Metasploit and loads the actual payload (shellcode)! So if you are sitting in front of your netcat listener, the stager will miss its intended stage and will not perform a pretty act (a shell) for you… shell_reverse_tcp, by contrast, is a single self-contained payload that does not need a stage.

If you are just using msfpayload, you will see a split output (Stage 1+2) that will remind you. However, if you pipe directly into msfencode, you will get no feedback in the output!

You can also look at the rapid7 module listing:


