Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: connecting to another computer using netcat

  1. #11
    Also, leaving netcat listening without restriction can pose a HUGE security risk.
    so, only execute the listening command when you will connect within a short period of time
    yes i know...
    but this only is on a lan with no access to the i-net, so the risk should be coming from the inside then...

    but suppose the system was able to access i-net, is there any possiblity then to get a cmd after entering a specific password?

  2. #12
    I'm sure that win2k has some kind of "remote" administration feature. That's the entire point of terminal services. I know that XP has remote assistance and remote desktop, but that doesn't help you.

    One fun way would be to use a remote admin program like bo2k. Problem is, BO2K is actually a well known trojan that lots of crackers love to use. Sub-7 would also do the trick, except again for the trojan aspect.

    Don't forget that many black-hat tools can be used for good. Just don't use any default settings. I'm sure some skiddy in the past attempted to use bo2k in a good way, but left the default settings. Next thing he knows, it's time to FFR (Fdisk, Format, Re-install). Wait that wasn't some skiddy, that was me 3 years ago.

    I'd suggest doing a google for remote administration or plug it into the search field here on AO
    You are so bored that you are reading my signature?

  3. #13
    i know both of the tools but our virusscanner knows them also
    so that wouldn't help me...
    but i already thought about using that kind of tools, but i like the standard command prompt, and i want to learn more about nc and the command-line power, so this is the right thing for me...

    but thanks for the thought...

  4. #14
    Senior Member
    Join Date
    Aug 2003
    i've heard that there is out an unofficial version of netcat supporting user/pass verification.
    (could be possible 'cos sources are public)
    i will try to get it...
    Industry Kills Music.

  5. #15
    there is a way if you know how to program. You could create a program that asks for a password then can execute a cmd shell. It would be pretty easy to do half-assed. I might create a qbasic program that would work and post it here later. But a cracker could probably intercept the program as netcat sends it, then could de-compile the program and figure out how everything works. Using VB (visual basic) you could create a server app that waits until a client program sends a valid password, then could validate the execution of nc -e cmd. But that is really beyond my VB experience. I might work on it, though.
    You are so bored that you are reading my signature?

  6. #16
    i know how to write a program that asks for a password in c++ but i don't know yet how to execute another one with c++, it should be something with system, but i haven't been able to get it to work yet....

  7. #17
    Senior Member
    Join Date
    Jul 2002
    Well, for that purpose, I always use Cygwin's sshd ( as ssh server and Putty ( as ssh client.

    The traffic is strongly encrypted, it asks you username and password (if you configure it to) or uses your own's private key, no limit in the number of connection hops (A -> B, B -> C, C -> D, etc), no programming required, and it's still free.

    But it's just me.

    Peace always,
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds

  8. #18
    i'll go check that out, thanks jdenny...

  9. #19
    Senior Member
    Join Date
    Nov 2001
    You are probably better off using SSH for this sort of work, it is designed for this sort of thing, and has security in mind. Public/Private keypair auth is the way to go IMHO.

    Some links:
    PuTTY (SSH Client for Win32):
    Good General Links to Various SSH Stuff for Win:
    Payware SSH for Win:
    The latter may not hold your interest, but IME it is by far the easiest to install and setup for Windows.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  10. #20
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    I came in to the world with nothing. I still have most of it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts