Bind shell is a type of shell in which the target machine opens up a communication port or a listener on the victim machine and waits for an incoming connection. The attacker then connects to the victim machine’s listener which then leads to code or command execution on the server. This video demonstration is the POC which shows that payload opens up port number 666 onto the target's machine. When attacker connects to port 666 of the target machine using netcat, it is prompted with the command prompt of the target machine. Thus compromising machine.
It would be very difficult for attackers to obtain bind shell of the systems from outside of the LAN because: 1. Firewalls often have strict inbound traffic filtering 2. NAT/PAT translation process changes the private IP address (RFC 1918) into different public IP addresses, and can even change the port. So attackers uses bindshell to compromise target systems mainly inside the Local Area Network.