Does anyone know if it is possible to make backdoors with telnet or xterm on a linux system. I somewhere read that you could make telnet spit out a /bin/sh to a remote host.
Also I checked the man pages for both and found next to nothing
thanks
Printable View
Does anyone know if it is possible to make backdoors with telnet or xterm on a linux system. I somewhere read that you could make telnet spit out a /bin/sh to a remote host.
Also I checked the man pages for both and found next to nothing
thanks
It's not a feature of telnet or xterm. Attackers replace the existing copies of the telnet/xterm/ssh/etc. programs with ones that more-or-less appear to work the same, but actually do something evil, in addition.
Programs like tripwire will help detect these changes.
Think you may be referring to shoveling an XTERM back. The person would have to obtain some kind of access to your system first, but if you do not have a firewall/router blocking outgoing connections, they could send an exterminal back to their own pc, in essentially one command.
To test for yourself, goto system1:
DISPLAY=<system2>:0.0; export DISPLAY
system2:
xhost +system1
system1:
xterm & (or whatever the binary is on your system).
You should notice that the xterm from system1 now appeaers on system2 as would any gui window executed from the same shell where you set your DISPLAY environment variable. Can be nice, but can be painful too...
Also note, you could do the same thing if the system had rexec or rcmd running (you do have to change up the command line to tell the system where to pipe the xterm, but it works nonetheless).
I would assume this is roughly what you are asking?
/nebulus
nebulus200 thanks for the help.
Do you know any informative links where I could learn more?
Unfortunately no, most unix books should at least discuss it briefly...
Here are the first few that turned up in google:
http://www.bu.edu/cc/support/aboutun...ral/xterminal/
http://bau2.uibk.ac.at/matic/xsecur.htm
http://bau2.uibk.ac.at/matic/ccxsec.htm
http://secinf.net/unix_security/Impr..._security.html
/nebulus
One place you can try is the Hacking Exposed 4 book by Foundstone. They discuss this in detail along with ways to prevent it. I know this isn't a link but I do know that the info you most likely want is in the book.
Thehorse13 is right, as usual. I read about that in Hacking Exposed. I have the third edition though.
Maximum Linux Security also talks about it.
It is also possible to use netcat to make telnet or xterm to listen on any port of the attackers choice...
Most won't do this (hopefully)... as it will be open to anyone who tries to connect.
Quote:
Originally posted here by phishphreek80
It is also possible to use netcat to make telnet or xterm to listen on any port of the attackers choice...
Most won't do this (hopefully)... as it will be open to anyone who tries to connect. [/B]
Yes, thats what I was exactly going to suggest to him! :)
Netcat is a tool of wonders. You may want to do some research on Cryptcat and/or Socat.
I don't know any thing on telneting.could someone please tell me what it is and how to do it?[it would be appretiated]{thanks}:D
kyleiscool: You should do some searching of the forum, as this has been discussed time and time again. Below is a link to get you stared. The search feature is at the top right of the main page.
You can also find a lot of good info about telnet by using www.google.com
The main thing you need to know is DON'T USE IT ACROSS THE INTERNET!
It is by NO means secure... everything can be captured.
If you are just exploring and learning how protocols work.. then fine, it is good for that.
BUT, thats about it.
You can use it on your trusted LAN... but there are far better alternatives... such as ssh (secure shell).
http://www.antionline.com/showthread...hreadid=251708
PS: I hope that isn't your real address that you put in your "location field" of your profile. Everyone can see that. It isn't wise to put your personal info up for the world to see... you make yourself an easy target for identity theft. or.. psycho serial killers... muhahaha muhahaha
wow... you're only 13-14yrs old? maybe its time your parents had a talk with you about what info NOT to give out while online. Its a very dangerous world... there are some very scary people out there. you should NEVER give out your info to ANYONE. Just like in the real world... you wouldn't tell a stranger where you live, would you?
Like said before, this is a feature not a bug..Also im not sure if anyone said anything about it, but you might want to look at reverse telnet and back channeling also...Definetely buy one of the hacking exposed books..
thanks for all the advice everyone.
Right now i'm testing xterm/xhost on my system right now, and still having problems.
I created two ips on loopback since I only have one computer at the moment.
IP:10.10.10.2
xterm -display 10.10.10.1
IP:10.10.10.1
xhost +10.10.10.2
From ip 10.10.10.2 I get the following errro: "Can't open display: 10.10.10.1"
What am I missing?
Try "xterm -display 10.10.10.1:0.0"
Edit:
Perhaps a bit more explanation is in order. X windows can have multiple session per machine, and multiple screens per session. The ":0.0" specifies display 0 and screen 0. If you had a dual-head graphics card, you'd probably have two screens: 0.0 and 0.1. You can set linux up to run multiple X sessions on one machine (rather like Mac OSX's "fast user switching", but without the spiffy animation) (google for: multiple X sessions). With a bit more effort, you can supposedly use multiple video cards, keyboards, and mice to allow multiple people to use X-Windows on the same machine at the same time.
I forgot about that part j3r, but it still didn't work. I must be way off somewhere. I read this from a followup elsewhere:
> localmachine-xterm$ export DISPLAY="localmachine:0.0"
>
> localmachine-xterm$ xhost +remotehost
> "remotehost" added to access list.
>
> localmachine-xterm$ telnet remotehost
> ## Log into remote host
>
> remotehost$ export DISPLAY="localmachine:0.0"
> remotehost$ xterm
so right now i'm trying to fool with this
br: are you doing it in the right order? You have to xhost +whatever first, then open the xterm.
yeah I"m running xhost first, do I have to specify a username and a uid w/ xhost?
No. X display security is entirely host-based. (Yay!) (X was developed back in the days when, if you knew how to use Unix, you knew everyone else who knew how to use Unix. Security was not much of an issue.)Quote:
do I have to specify a username and a uid w/ xhost?
What about Magic Cookies? Yummy. :)
-Maestr0
hi kyleiscool
im the same ive just started and it is really hard. damn, ive just today realised that my computer had telenet!!!
cr1m5on: It's telnet mate, not telenet. Those are two completely different things. :-P Just wanted to point that out to ya.
I'm also around here since I was 13 :D, no forum yet then I think :DQuote:
wow... you're only 13-14yrs old? maybe its time your parents had a talk with you about what info NOT to give out while online. Its a very dangerous world... there are some very scary people out there. you should NEVER give out your info to ANYONE. Just like in the real world... you wouldn't tell a stranger where you live, would you?