Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: mydoom.c information
From: Gyrniff <root () pq dk>
Date: Sun, 7 Mar 2004 22:16:30 +0100

As I recall the -L option (persistent listener) only works on the windows 
port. 

On Sunday 07 March 2004 20:44, John Sage wrote:
Now I'm confused...

On Sun, Mar 07, 2004 at 09:43:03AM -0800, morning_wood wrote:
From: "morning_wood" <se_cur_ity () hotmail com>
To: <full-disclosure () lists netsys com>
Subject: [Full-disclosure] mydoom.c information
Date: Sun, 7 Mar 2004 09:43:03 -0800

bascially looking for sync-src-1.00.tbz.  That message was
posted to this

avail on infected hosts

This is how I came to be in possession of it:

nc -l -p 3127 > doomjuice.dump

 You will probably want to write a loop to restart netcat
because it exits after a successful transfer.

 nc -L -p 3127 > out.txt note: " -L " will not exit your netcat, as
 it is for a persistant listener.

/* snip */


[jsage () sparky /storage/virii] $ nc -h
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere:  nc [options] hostname port [port] ...
listen for inbound:    nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere:   nc -L hostname:port -p port [options]

Mandatory arguments to long options are mandatory for short options too.
Options:
  -c, --close                close connection on EOF from stdin
  -e, --exec=PROGRAM         program to exec after connect
  -g, --gateway=LIST         source-routing hop point[s], up to 8
  -G, --pointer=NUM          source-routing pointer: 4, 8, 12, ...
  -h, --help                 display this help and exit
  -i, --interval=SECS        delay interval for lines sent, ports scanned
  -l, --listen               listen mode, for inbound connects
  -L, --tunnel=ADDRESS:PORT  forward local port to remote address

/* snip */


Does persistent listener == tunnel?


- John

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]