Thread: How To Backdoor an OPN AP

  1. #1
    Eatme (Good friend of the forums)
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    How To Backdoor an OPN AP

    If my AP has no security on it (no WEP/WPA) and I have multiple computers connected to my AP, how could I backdoor (test) one of those PCs? Since there is no cracking needed, this task would be easier, I guess?

    I've seen a few tutorials on it, but they weren't quite clear enough for me to understand or even see with my own eyes (due to low video quality), since I'm new to this kind of backdoor method. I also have a better way to actually backdoor a computer, but with BT it's much easier.

    Let me explain:
    Once backdoored (using BT), I can place a non-harmful exe to remotely connect to the PC. That way I don't have to type all that mumbo shumbo command line stuff to do what I need to do. And I'll have a remote GUI to look at.

    Long story short: since remote tools don't come with the ability to get inside a box using this exploit, combine BT + a remote tool, and you're in business, easy as pie. I will be using this method for work purposes FYI, when I'm at work.

    Thanks,

  2. #2
    Gitsnik (Very good friend of the forum)
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Well, if you're at work, why don't you just install a remote desktop client on each of the machines? You could even push the install package out via group policy if that is applicable.

    Edit: Also, why is your office using a completely insecure network? That's just GAGGING for someone to come in and blow away your financials.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Junior Member
    Join Date
    Aug 2008
    Posts
    30

    Adding onto Gitsnik's idea of installing remote desktop clients on each of the machines (which should be ideal).
    I'm currently wondering about your code of ethics. Has an agreement been made for you to perform penetration testing on the company's network, or are you planning on using BackTrack as a form of evil to do away with / spy on co-workers?

    After permission, and thinking that you don't have physical access to the stations that'll be connecting to your access point, I'd use a tool like ettercap along with its dns spoof plugin to make all the traffic direct to a crafted page of your choice. BackTrack comes with an Apache server, so you crafting a legitimate-looking page with a link to a malicious executable would be ideal. You'll really have to have an open mind here. For example, you name the SSID something like "Business XYZ"; as soon as people connect to the network, send all traffic over to a page that you created that looks legit and tells the user that if they want to start making use of the internet they'll need to install a program. The program could be anything evil you could conjure up, from a personally crafted backdoor to a reverse meterpreter connector in .exe form.

    What's really shady is you're saying you're going to be doing it at work, and certainly you don't want to perform DNS spoofing on your work's LAN without permission. It just sort of sounds like you're trying to cover up your evil intentions; I tried to help out with my suggestion anyway.
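
Seen from the defending side, the DNS-spoof redirect described in the post above leaves a recognizable trace: many unrelated names suddenly resolve to one address on the local network. A detection sketch for that pattern, added here as an example that is not part of the original thread; the tuple format, the sample records and the `min_domains` threshold are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (client, queried name, A-record answer) tuples, as they
# might be parsed from DNS responses captured on the wireless segment.
SAMPLE_RESPONSES = [
    ("192.168.1.20", "www.example.com", "93.184.216.34"),
    ("192.168.1.20", "mail.example.org", "192.168.1.66"),
    ("192.168.1.21", "www.example.net", "192.168.1.66"),
    ("192.168.1.22", "update.example.com", "192.168.1.66"),
    ("192.168.1.22", "printer.corp.example", "192.168.1.9"),
    ("192.168.1.23", "broken.example.com", "not-an-ip"),
]


def base_domain(name):
    """Rough grouping key: the last two labels of the queried name."""
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def find_spoof_candidates(responses, min_domains=3):
    """Return {answer_ip: sorted base domains} for private addresses that
    were handed out as the answer for at least min_domains unrelated domains."""
    by_answer = defaultdict(set)
    for _client, qname, answer in responses:
        try:
            addr = ipaddress.ip_address(answer)
        except ValueError:
            continue  # skip malformed answers instead of crashing
        # A public name answered with a LAN address is the interesting case;
        # answers pointing at public addresses are ignored here.
        if addr.is_private:
            by_answer[answer].add(base_domain(qname))
    return {ip: sorted(doms) for ip, doms in by_answer.items()
            if len(doms) >= min_domains}


if __name__ == "__main__":
    for ip, domains in find_spoof_candidates(SAMPLE_RESPONSES).items():
        print(f"possible DNS spoofing: {ip} answers for {', '.join(domains)}")
```

A legitimate captive portal produces the same pattern, so known portal addresses need to be excluded before alerting on this.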

  4. #4
    Eatme (Good friend of the forums)
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    No, no, and no. Sorry, but both of you are wrong. I'm trying to learn how to do the backdoor method, and also use this method to access "MY COMPUTERS", not my job computers... (my job will have nothing to do with this; I will be using BT on my personal computer while at work, if you wanted to know)

    And yes, I know I can avoid the whole thing by adding a simple remote tool on my PCs, but that's what I don't want to do atm. I'm trying to learn BT, that's why I asked. (That's taking the easy route out, and you can't learn by taking an easy route unless you know the route already.)

    @KrisTeasin, sorry but I stopped reading your post after the first line, since I guess it was all about the same thing that Gitsnik was thinking/mentioning...

    Sorry if I wasn't clearer on what I was trying to do.

  5. #5
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    You ought to really consider the pentesting with BackTrack course. At least take a look at the syllabus.

    Penetration Testing Training and Certification - BackTrack Training.

    If you really want to learn BackTrack, it's the best place to start.

  6. #6
    Gitsnik (Very good friend of the forum)
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Well, in that case, I suggest you learn basic networking. If you knew that, you would know that a wireless network is (relatively) similar to a wired network and your question would have been moot.

    Originally posted by Eatme:
    "@KrisTeasin, sorry but I stopped reading your post after the first line, since I guess it was all about the same thing that Gitsnik was thinking/mentioning..."
    I suggest you go back and read it then.

  7. #7
    Eatme (Good friend of the forums)
    Join Date
    Aug 2009
    Location
    Socks5
    Posts
    308

    I meant to say I'm trying to learn the BT backdoor method, not BT, period... I know the basics...

    Nvm, forget it, I'll just find some more tutorials to help me. Thanks.

    ...keep getting misunderstood.

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Well, the whole thing sounds pretty lame + fishy to me too, but I was letting the thread unfold a little more before I stepped in to comment.

  9. #9
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Someone already gave you an answer to your question on the thread.

    Originally posted by Eatme:
    "I'm trying to learn BT, that's why I asked."
    That's why I linked you the Offsec class...

    Originally posted by Eatme:
    "I meant to say I'm trying to learn the BT backdoor method, not BT, period... I know the basics..."
    Got it... Good luck!

  10. #10
    Gitsnik (Very good friend of the forum)
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    I agree with lincoln, good luck!

    I meant the basics of networking... which you failed to show that you knew in your first post, so my apologies for the incorrect assumption.

    Considering some of the "backdoor" tools available to us on BT (or any exploit platform in general), I would suggest you work on getting your own files uploaded and executing (say, at logon), then look into DameWare. It is a Windows-only toolkit, but one that has proven to be invaluable to me as a SysAdmin and during my own pentests.
