Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Server initiated remote shell

From: "Steve" <steve () securesolutions org>
Date: Fri, 21 Sep 2001 15:25:55 -0600
Check out the NetCat readme.  You can have it send you a shell.  Of
course this relies on you being able to upload and execute nc on the
host you are attacking.


-----Original Message-----
From: Ilici Ramirez [mailto:ilici_ramirez () yahoo com] 
Sent: Friday, September 21, 2001 8:23 AM
To: pen-test () securityfocus com
Subject: Server initiated remote shell


Hi,

Lets suppose that I can execute a program on an inside
host on a network protected by a firewall. There is no
way in. But there is a way out to www browsing on port
80.

So the client could connect to any Internet address on
port 80. What program should it execute to provide me
with a shell? Of course I'm in Internet with a
listener. What listener?

The firewall is a real statefull firewall so no TCP
ACK or ICMP encapsulations. 

Have a nice weekend too.

Ilici R


__________________________________________________
Terrorist Attacks on U.S. - How can you help?
Donate cash, emergency relief information 
http://dailynews.yahoo.com/fc/US/Emergency_Inf> ormation/



--------------------------------------------------------------
--------------
This list is provided by the SecurityFocus Security 
Intelligence Alert (SIA) Service. For more information on 
SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see: 

https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: