Spam: InternetExplorer Payloads

[robin.kipp at gmx.de (Robin Kipp)]

Hey all,
Just downloaded Metasploit and it really seems to be fun, I just
successfully nuked the ICS service in my network. Now I wanted to
exploit InternetExplorer 6 on my Windows XP Sp2 laptop. Some of the
exploits displayed some strange signs in the browser window, and some
even closed the InternetExplorer with an error message. However, I
wasn't able to control my laptop from a command shell on my comp. Here's
exactly what happens:
For example, let's select the Internet Explorer createTextRange() Code
Execution on the web console. As the target, I select Internet Explorer
6 - (6.0.3790.0 - Windows XP SP2).
Then, I select generic/shell_bind_tcp on the next screen to get a
console when someone connected to my server.
SRVHOST is my intranet IP, SRVPORT is 8080, URIPATH is "exp" and LPORT
is 4444.
Now when I click on "Launch Exploit", The following lines appear:
#    # ###### #####   ##    ####  #####  #       ####  # #####
##  ## #        #    #  #  #      #    # #      #    # #   #
# ## # #####    #   #    #  ####  #    # #      #    # #   #
#    # #        #   ######      # #####  #      #    # #   #
#    # #        #   #    # #    # #      #      #    # #   #
#    # ######   #   #    #  ####  #      ######  ####  #   #

       =[ msf v3.0
+ -- --=[ 191 exploits - 106 payloads
+ -- --=[ 17 encoders - 5 nops
       =[ 36 aux

[*] Using URL: http://192.168.1.111:8080/exp
[*] Server started.
[*] Exploit running as background job.
Now let's open the URL http://192.168.1.111:8080/exp from the laptop. A
% sign appears in the browser window and the line
[*] Started bind handler
Appears in the web console. However, when I go to "sessions", I don't
see anything helpful, just the message that there are no sessions. Is
there anything I can do so I can exploit my own InternetExplorer? :-)
Thanks!
Robin