I typed:
nc -v -L -e cmd.exe -p 139 -s xxx.xxx.xxx.xxx
but I didn't get anything on the next row. What happened with that? Was I blocked by the network policy?
Thx
g00rkha
:D
My best guess is that it is because you tried to bind cmd.exe to port 139 which is already in use by Windows for Netbios...
Try using a different port
I agree, what are your perms on the system though?
Kelvin://
Well, normally if Netcat can't bind a port it gives an error message like:
Can't bind xxx.xxx.xxx.xxx:139: Port in use or some other similar error.
Personally, I don't think you should be running cmd.exe off of any listening connection anyways... You're obviously just out to set up a backdoor, so I don't see why anyone here should be helping you.
I believe you told netcat to be a server, listen on port 139 and give a command prompt when anyone connects. If you don't get a prompt back, that's what it's doing.
chsh is right, you should be using another port like 443
Does it mean I still can use this port (139) because the service (sorry if I'm not mistaken) gives Netcat priority over NETBIOS service which is at a lower priority because it is bound to ANY IP address? Because of I bind I bind "in front of" some services that may be listening on the port.
I tried to use port 443 but it gave me the message that I could not bind with the port. Thanks.
Two things..
First, no, netcat will not have a higher priority than netbios. When a service is bound to a port, the only way to get rid of it is to kill the process.
Second, if you set up the listener and you get a blank line and your prompt does not return, that probably means the listener is waiting for a connection. To verify this, open another window and type:
unix: netstat -na |grep <netcat port>
windows: netstat -na |more --> and just look for the port netcat is using.
Make sure that port is in "listening" state
Like I said earlier though...try using a high port that will not conflict with any already in use....something like 23456.
Once the port is listening, open another session and try:
telnet <target.ip> <port #>
Try a higher port.
c:\>nc -d -l -p 6000 -e cmd.exe
X11R6 is already running on port 6000 ...
Look at your local /etc/services !!!
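
Added example, not part of the original thread: the netstat check suggested above, automated in Python for someone auditing a host. It parses `netstat -na` output, lists TCP ports in the listening state, and flags any port that has both an any-address listener and a specific-address listener, which is the situation the question about port 139 describes. The sample output, its addresses and the allowlist of expected ports are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of Windows `netstat -na` output (documentation addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:23456       0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1045        198.51.100.7:80        ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# Matches listening TCP rows; the optional group skips the Recv-Q/Send-Q
# columns that Linux-style netstat prints before the local address.
ROW = re.compile(
    r"^\s*tcp\d?\s+(?:\d+\s+\d+\s+)?(\S+)[:.](\d+)\s+\S+\s+LISTEN(?:ING)?\s*$", re.I)
WILDCARD = {"0.0.0.0", "*", "[::]", "::"}

def listeners(netstat_text):
    """Map each listening TCP port to the set of local addresses bound to it."""
    ports = defaultdict(set)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if m:
            ports[int(m.group(2))].add(m.group(1))
    return dict(ports)

def shadowed_ports(netstat_text):
    """Ports with both an any-address listener and a specific-address listener."""
    found = {}
    for port, addrs in listeners(netstat_text).items():
        specific = sorted(a for a in addrs if a not in WILDCARD)
        if specific and addrs & WILDCARD:
            found[port] = specific
    return found

def unexpected_listeners(netstat_text, allowed_ports):
    """Listening ports missing from the host's allowlist (allowlist is an assumption)."""
    return sorted(p for p in listeners(netstat_text) if p not in allowed_ports)

if __name__ == "__main__":
    print("shadowed:", shadowed_ports(SAMPLE))
    print("unexpected:", unexpected_listeners(SAMPLE, {135, 139}))
```

Feed it real output by passing the text of `netstat -na` to the functions instead of SAMPLE; a second listener appearing on a port a system service already owns, or a listener outside the allowlist, is worth tracing back to its process.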