Friday, September 25, 2009

New Metasploit Payload Stager (windows/*/reverse_tcp_allports)

HD Moore made a blog post yesterday about a new Metasploit payload stager that was just added.

Taken from Metasploit Blog:

"The new payload stager (windows/*/reverse_tcp_allports) accepts the LPORT variable as a starting port, tries to connect to the host specified by LHOST, and if it fails, bumps the port up by one and starts all over again."

One use for this new payload stager is when you are trying to get a reverse connection back to a machine under your control from an environment that does aggressive egress filtering. Using the stager and some IPTables magic, you could determine which ports are allowed outbound from the compromised system.

You can find the complete post with more information about the new payload stager, its usage syntax, and an IPTables configuration example here.
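From the defender's side, the behaviour quoted above leaves a distinctive trace in egress firewall logs: one internal host trying the same destination on ports that rise by one each time. The following Python is an added example, not code from the original post or from Metasploit; the log format, the sample lines and the `find_port_walks` name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample egress-firewall log lines (simplified iptables LOG style).
SAMPLE_LOG = """\
10:00:01 EGRESS-DROP SRC=10.0.0.5 DST=203.0.113.7 PROTO=TCP DPT=4444
10:00:02 EGRESS-DROP SRC=10.0.0.5 DST=203.0.113.7 PROTO=TCP DPT=4445
10:00:02 EGRESS-DROP SRC=10.0.0.9 DST=198.51.100.2 PROTO=TCP DPT=25
10:00:03 EGRESS-DROP SRC=10.0.0.5 DST=203.0.113.7 PROTO=TCP DPT=4446
10:00:04 EGRESS-DROP SRC=10.0.0.5 DST=203.0.113.7 PROTO=TCP DPT=4447
10:00:05 EGRESS-DROP SRC=10.0.0.5 DST=203.0.113.7 PROTO=TCP DPT=4448
10:00:06 EGRESS-DROP SRC=10.0.0.9 DST=198.51.100.2 PROTO=TCP DPT=25
10:00:07 EGRESS-DROP SRC=10.0.0.8 DST=192.0.2.10 PROTO=TCP DPT=8080
10:00:08 EGRESS-DROP SRC=10.0.0.8 DST=192.0.2.10 PROTO=TCP DPT=443
"""

LINE_RE = re.compile(r"SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+)")


def find_port_walks(log_text, min_run=5):
    """Return [(src, dst, first_port, last_port)] for each run of at least
    min_run blocked connections whose destination port rises by exactly one."""
    ports = defaultdict(list)  # (src, dst) -> destination ports in log order
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            ports[(m.group(1), m.group(2))].append(int(m.group(3)))

    findings = []
    for (src, dst), seq in ports.items():
        # Collapse immediate repeats: a retransmitted SYN logs the same port again.
        dedup = [p for i, p in enumerate(seq) if i == 0 or p != seq[i - 1]]
        start = 0
        for i in range(1, len(dedup) + 1):
            # A run ends at the end of the list or where the +1 step breaks.
            if i == len(dedup) or dedup[i] != dedup[i - 1] + 1:
                if i - start >= min_run:
                    findings.append((src, dst, dedup[start], dedup[i - 1]))
                start = i
    return findings


if __name__ == "__main__":
    for src, dst, first, last in find_port_walks(SAMPLE_LOG):
        print(f"{src} -> {dst}: sequential ports {first}-{last}")
```

A sequential TCP port scan of a single host produces the same pattern, so a hit identifies the source host to investigate rather than the tool in use.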
