DumpZ
Feb 15 2005, 06:39 PM
I'm working on a simple backdoor, but I want to build in IP restriction and a few kinds of authentication.
But then I need to send that from the client. I want to do this with packets, so if you have the client you can gain access to the backdoor.
But I don't really know how to create my own packets, and what else would be fun is to add IP spoofing so you can use the clients on every host.
So could anyone give me some pointers?
kbnet
Feb 15 2005, 07:57 PM
You might want to read about port knocking; I think you're trying to achieve a similar concept. Are you coding this in C++?
ScuD
Feb 15 2005, 09:16 PM
QUOTE(kbnet @ Feb 15 2005, 08:57 PM)
You might want to read about port knocking; I think you're trying to achieve a similar concept. Are you coding this in C++?
I could use some pointers too

for C++ / C#, rather C#

didn't find much atm :-/
all help is welcome

grtz
DumpZ
Feb 15 2005, 09:17 PM
Yeah, in C++, and the backdoor is as good as finished; I only need to do the IP restriction and the client.
myth
Feb 16 2005, 01:16 AM
DumpZ,
one word: nemesis
two words: man nemesis
example
nemesis tcp -a 56 -s 23 -D 192.168.13.19
Random source address, and a hell of a lot more options... Have a look at the man pages.
t_gillum
Feb 16 2005, 02:19 AM
Well, nemesis is a great utility, but it only works with a certain version of WinPcap; it doesn't work with any newer version. I forget the version that it will only support under... sorry... then again, you can just download the Unix version.
myth
Feb 16 2005, 07:58 AM
one word: dual-boot
two words: linux vmware
Those are the two best options.
Use VMware and load up an .iso file of a live Linux distro. Works perfectly.
Use VMware and install Debian etc. to that virtual drive, and it works even better...
Or, as I have done, install Linux, then use VMware to boot a Windows drive...
DumpZ
Feb 16 2005, 10:01 AM
Well, my other box is running Linux, but could I even make packets with that for telnet or other unencrypted protocols?
Anyway, thanks, I'll give that a try.
/edit
It's a very useful program, but I almost created my packet, but I have absolutely no idea how I can use it because it only says tcp packet injected.
DumpZ
Feb 16 2005, 10:38 AM
When I simply set up nc lvp 5555
and I do on my Unix box
nemesis tcp -v -S 192.168.1.1 -D 10.0.0.151 -fSA -y 5555
then I don't get any connection from 192.168.1.1
Pro21
Feb 16 2005, 11:22 AM
Why don't you try to build your own packet with a raw socket?
If it's only one packet it's very easy, or try with the redkod raw socket dll.
easternerd
Feb 16 2005, 05:37 PM
QUOTE(DumpZ @ Feb 16 2005, 10:01 AM)
Well, my other box is running Linux, but could I even make packets with that for telnet or other unencrypted protocols?
Anyway, thanks, I'll give that a try.
/edit
It's a very useful program, but I almost created my packet, but I have absolutely no idea how I can use it because it only says tcp packet injected.
You should run tcpdump or a similar tool to dump the packets in real time...
and secondly you should set up a sniffer to grab the packets in transit...
This will let you know if the packets reached the port and if it was rst / filtered / closed etc...
DumpZ
Feb 16 2005, 06:39 PM
Well, my backdoor is kinda like netcat, so that's why I tested that this way.
myth
Feb 17 2005, 01:49 AM
DumpZ,
When I was researching ARP injection, ethereal was run about a hundred times. No joke.
Just run tcpdump/windump/ethereal and find the packet you want to replicate.
Read the man pages of nemesis and find the options (as I think you may have already done) that match your crafted packet to the original packet...
However, I'm starting to think, as someone else just mentioned, of using raw sockets. If you can program, it shouldn't be hard to do it in your favourite language; if not, then persist with nemesis.
Also, add the option -vv, not just -v, so you will be able to see the options you declared.