netcat on boot?
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: netcat on boot?

  1. #1
    Member
    Join Date
    Dec 2001
    Posts
    84

    netcat on boot?

    Is there a way to get netcat to load and listen on a port at startuo in winxp pro?
    I've been googling but can't come up with an answer so I thought I'd ask here.
    I can manualy start it, but I want it to start everytime I boot with a set of commands to listen on a specific port.
    Could I add an entry to the autoexec.bat file? or autoexec.nt?
    any ideas would be great.
    You can\'t squeeze cheese from a goat before it\'s hatched.............

  2. #2
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    First hit on a Google for "netcat help"
    Netcat
    'Netcat' is a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. ... Help List, <giovanni@giacobbi.net> ...
    directory.fsf.org/netcat.html

    First hit on a Google for "winxp startup folder"
    Advanced Windows XP User Features > Modifying the Startup Folder
    Think of the Startup folder as a means for automatically configuring ... Like everything else in Windows XP, you'll find the Startup folder in Explorer. ...
    http://www.informit.com/articles/art...29744&seqNum=9

    Application of the ideas presented in these links is left to the student for practical excercise.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  3. #3
    Member
    Join Date
    Dec 2001
    Posts
    84

    start up

    yes netcat can be loaded.......but how can I load it on boot with a nc -L-p 60 -e cmd.exe -d command?
    batch file?
    Ok...here's the full story......I'll probably be neged or banned.
    I was bored and wondering just how someone could get acces to an xp box, so I dug an old computer up from the basement and did a fresh install of xp pro with no updates, no firewall and no virus protector and hooked it up to my lan.
    I downloaded a well known exploit program, exploited the box and got a command prompt.
    Now I thought..........what can you do with a command prompt?...lots of stuff...
    I fired up a tftp server and remotely uploaded netcat and set it to listen to port 60 with a cmd.exe execute.
    now..........on reboot netcat no longer listens....so no backdoor....
    so I was wondering how netcat can be set to start on boot to listen on the port I want it to.
    I want to set it do do this remotly, this has to be done from a command line, or from editing a file that I can upload the the target box.

    This is just a learning thing on my own lan with my own box because I'm bored.
    I'll write a full tut if anyone wants, but I think Irongeek does a much better job with the videos.

    ban me neg me ........whatever
    You can\'t squeeze cheese from a goat before it\'s hatched.............

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Drop all the commands you need into a batch file..
    Have it start either via the startup folder by moving the batchfile into that folder or you can start it using the hkey_local_machine\software\microsoft\windows\currentversion\run registrykey..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Not a lot to say here, your question seems to have been answered.

    ban me neg me ........whatever
    Close, no cigar. Try again

    I'll write a full tut if anyone wants ...
    I don't know if this would warrant a tut, but maybe if you included what you found as far as hiding it, what works, what doesn't, and then how to discover it on the system, then you may have something.
    ( examples might be, maybe it was stealthy for a fresh original XP install, but did not work on a box with SP2 and the built in firewall enabled by default, or maybe an add-on firewall, what anti-virus software detected it, maybe even if something like spy-bot detected it. )

    Just a suggestion.

    But as for the command to run????

    Wouldn't it be more like:
    nc -l -p60 -d -e cmd.exe -L ???
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  6. #6
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    You should be able to put the literal command string into
    a registry key, but I'm not an expert. All the other
    trojans do it that way to keep novice users from knowing
    about it.
    I came in to the world with nothing. I still have most of it.

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    IKnowNot "nc -l" would defeat the purpose of having it start up at boot for even a port scan would close it until the next boot. it needs to be "nc -L " for listen then listen again.

    hey old man! you can make the registry entry from a cmd shell using reg.exe. see "reg add /?" for the correct usage. and a bat file can be made using ECHO e.g. "echo [command] >nc.bat", if you need to enter more than one command use ">>" for append otherwise all you'll have is the last entry. sorry if you know this already, just trying to be helpfull!
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  8. #8
    Member
    Join Date
    Dec 2001
    Posts
    84

    batch file

    Batch file in the startup folder did the trick.
    Not stealthy at all, but that wasn't the point anyway.
    Thanks for the help. Now I'm going to start installing the windows updates to see at what point, if any, the backdoor get's closed. I'm also going to try avg, trend micro, avast, spybot, spyware doctor, zonealarm, and mabey a few others to see what programs detect nc and what ones don't.

    Thanks again for the help.
    You can\'t squeeze cheese from a goat before it\'s hatched.............

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    NetCat is neither a trojan or a virus. these AV's shouldn't detect it. it has too many practical uses.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I think Tedob~ is probably right but I would certainly add A-Squared to your list.

    http://www.emsisoft.com/en/software/free/


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •