module

HTTPS Fetch, Windows Command Shell, Bind TCP Stager (No NX or Win7)

Disclosed	Created
N/A	Apr 2, 2026

Disclosed

N/A

Created

Apr 2, 2026

Description

Fetch and execute an x86 payload from an HTTPS server.
Spawn a piped command shell (staged).

Listen for a connection (No NX)

Authors

Brendan Watters
spoonm spoonm@no$email.com
sf [email protected]
vlad902 [email protected]

Platform

Windows

Architectures

cmd

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use payload/cmd/windows/https/x86/shell/bind_nonx_tcp
    msf payload(bind_nonx_tcp) > show actions
        ...actions...
    msf payload(bind_nonx_tcp) > set ACTION < action-name >
    msf payload(bind_nonx_tcp) > show options
        ...show and set options...
    msf payload(bind_nonx_tcp) > run

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report