Page 2 of 2
Results 11 to 17 of 17

Thread: My first backdoor in Windows xp sp2 home edition

  1. #11
    Junior Member
    Join Date
    May 2009
    Posts
    61

    Default

    First, this is far from a good backdoor. I wrote that I disable the firewall with Carlos Perez's script; you can get this script here: Security and Networking - Meterpreter Scripts. My backdoor will not work without disabling the firewall.

    You can also get a reverse shell or bind shell with some exploit, then upload nc.exe with tftp and, with the DOS command "at", open nc to listen on a port every day at a specific time.

  2. #12
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Not to mention the complete lack of mention of client-side exploits, like ye ol' ANI header overflow.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #13
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    Most people don't even know they can control the networking services from the command line.

    I was one of them. But after I read Ed Skoudis' Command Line Kung Fu, everything became clear for me.

    blog = Command Line Kung Fu

    Also, there is a PDF version.
    Thanks for the link; onto the third page and my notebook's full.
    Vote to get it stickied.

  4. #14
    Just burned his ISO PeterPunk's Avatar
    Join Date
    Jul 2009
    Posts
    9

    Default

    OK, this is a well-known... secret? about how to disable/enable things from the command line.
    For example:
    You can enable the Windows Firewall from an elevated Command Prompt (in Vista):
    C:\> Netsh firewall set opmode enable

    or Disabling:
    C:\> Netsh firewall set opmode disable


    But... even Microsoft recommends the following (works on Vista, Win Server '08):

    C:\> netsh advfirewall set currentprofile state on
    C:\> netsh advfirewall set currentprofile state off

    for... forward compatibility.
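As an added example (not from the thread or from PeterPunk), the defender's counterpart to the netsh commands above: the output of netsh advfirewall show allprofiles is parsed and any profile whose state has been switched off, or that still accepts inbound connections by default, is reported, so the change those commands make can be verified or audited after the fact. The output below is a constructed sample, and the parser assumes that layout.

```python
import re

# Constructed sample of "netsh advfirewall show allprofiles" output (assumption:
# this is the layout the command prints; here the Public profile has been turned off).
SAMPLE_OUTPUT = """\
Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
InboundUserNotification               Enable

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound

Public Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       AllowInbound,AllowOutbound

Ok.
"""

PROFILE_RE = re.compile(r"^(\w+) Profile Settings:\s*$")
# A setting name (words separated by single spaces), a run of 2+ spaces, then the value.
SETTING_RE = re.compile(r"^(\S+(?: \S+)*)\s{2,}(\S.*?)\s*$")


def parse_profiles(text):
    """Return {profile_name: {setting: value}} parsed from the netsh output."""
    profiles, current = {}, None
    for line in text.splitlines():
        m = PROFILE_RE.match(line)
        if m:
            current = m.group(1)
            profiles[current] = {}
            continue
        if current is None or line.startswith("-") or not line.strip():
            continue
        m = SETTING_RE.match(line)
        if m:
            profiles[current][m.group(1)] = m.group(2)
    return profiles


def profiles_with_firewall_off(text):
    """Profiles whose State is not ON, i.e. where 'set ... state off' has taken effect."""
    return sorted(name for name, s in parse_profiles(text).items()
                  if s.get("State", "").upper() != "ON")


def profiles_allowing_inbound(text):
    """Profiles that report ON but whose default policy still allows inbound traffic."""
    return sorted(name for name, s in parse_profiles(text).items()
                  if s.get("Firewall Policy", "").startswith("AllowInbound"))
```

Feed the real output in with subprocess.run(["netsh", "advfirewall", "show", "allprofiles"], capture_output=True, text=True).stdout and alert on any non-empty result.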

  5. #15
    Just burned his ISO PeterPunk's Avatar
    Join Date
    Jul 2009
    Posts
    9

    Default

    Quote Originally Posted by Handsome-geek View Post
    .... I wrote that i disable firewall with Carlos perez script you can get this script here:****. ...
    Yes, I see this. But, again, there is no clue of how to use it to accomplish your goal. OK... you disable the firewall using this... very script. But how?
    You give a nice explanation (indeed) about how to use the Metasploit framework to get an active connection, but there is no explanation at all (except for a simple link to some code fragment) on how you disable the firewall in order to get this active connection.
    To be honest, I didn't find such a tutorial even when trying... Google.
    I am really open to... well disagreements.

    PS: Please note that my comment is because by sharing your experience you may help other people to better understand and to get the knowledge of the whole procedure.

  6. #16
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by PeterPunk View Post
    PS: Please note that my comment is because by sharing your experience you may help other people to better understand and to get the knowledge of the whole procedure.
    I may well be wrong (if I am, I have NFI what script is being referenced), but using stuff like the killav Ruby script (and getcountermeasures) is magnitudes of awesome better than doing that sort of thing by hand, and they implement much of the same basic functionality - when coupled with a Meterpreter.

    I don't agree with using them to learn with, though: if you come to rely on them they might eventually miss something, or you will not learn what you need to do properly, so your (that is, PeterPunk's) method is far more appropriate, especially for someone who is operating on their first backdoor.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  7. #17
    Member cr1spyj0nes's Avatar
    Join Date
    Sep 2008
    Posts
    164

    Default

    OK, this was my first backdoor:
    get a version of netcat that is undetectable,
    make a batch script named start.bat to
    copy nc.exe and run.bat from ./ to C:\windows\system32, kill the firewall, add a regkey to startup,
    make another called run.bat to
    run nc -l -p 4444,
    use Windows IExpress to pack all three files and set one to run at exe; also it's a good idea to run hidden from view.
    I would rather be hated for what I am,
    Than loved for what I am not.
