Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Reverse Shell Without Enabling Netcat's "GAPING_SECURITY_HOLE"
From: "Kurt Buff" <kurt.buff () gmail com>
Date: Fri, 19 Sep 2008 15:28:08 -0700

On Fri, Sep 19, 2008 at 3:01 PM, 545945 <545945 () gmail com> wrote:
     Recently a friend of mine asked me a seemingly simple question.  What
is the easiest method to get a reverse shell from a *nix based system using
Netcat.  He then added a caveat, that he did not want worry about
recompiling the source to enable the "GAPING_SECURITY_HOLE" option that
allows you to bind a shell using "-e".  My first thought was to say "Dude go
check Google and stop bothering me with this piddly shit", however I have in
the past had this same discussion with others and trying to construct a
Google search string and get meaningful results on this subject can prove
very irritating.  Because of this I gave in and told him the method I use
which is laid out below.  I then had the thought that I should post it
somewhere else so it was a little easier for the next person to find.  I say
"somewhere else" because I can only assume that I am not the first person to
post this method.


Or you could just grab cryptcat and be done with it, if I understand
what you're after.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]