Only use a stager if there is a stage to perform on – shell/reverse_tcp vs. shell_reverse_tcp


Just a quickie:

(If you don’t know what this is about, maybe you want to brush up your knowledge in offensive security.)

If you need to generate a simple reverse shell payload with Metasploit (msfpayload | msfencode), be aware of the difference between shell/reverse_tcp and shell_reverse_tcp!

shell/reverse_tcp is just a stager that connects back to Metasploit and loads the actual payload (shellcode)! So if you are sitting in front of your netcat listener, the stager will miss its intended stage and will not perform a pretty act (a shell) for you… shell_reverse_tcp, by contrast, is a single self-contained payload that carries the shell itself, so it does not depend on a second stage being delivered.

If you are just using msfpayload, you will see a split output (Stage 1+2) that will remind you. However, if you pipe directly into msfencode, you will get no feedback in the output!

You can also look at the Rapid7 module listing:


About SebastianB
