hi
This is related to my firewall killer post. My plan is to write or modify and existing xdcc bot, so that upon a xdcc request, the firewall is disabled, the pack sent and then when the download completes, the firewall reenables.
This would allow any firewalled vic to become an xdcc bot, with less risk of being detected (on the less busy xdcc networks).
If anyone else has ideas on how to get around firewalls for this type of purpose please reply - n.b. I thought about manually configuring software firewalls to open a port for xdcc sends, but given the number of different firewalls out there, im not sure this is feasible.
thanx
Full Version: Xdcc Bot
If the firewall is initially enabled, how would the bot recieve the DCC request in the first place?
what you probably want is at http://iroffer-lamm.sourceforge.net/
Here is a quote from the change log:
Here is a quote from the change log:
| QUOTE |
| Added mIRC-style "DCC Server" protocol for sends |
Basically, if the box is firewalled, you can
set it up so that the bot initiates the connection.
that sounds perfect. if only i had found out about that before!!!
can anyone explain the config script:
## - Lamm add-ons - ##
## ##
## dccserverport <port> - mIRC-style dccserver port number (def:0 = off) ##
## rsend yes - only works in connection dccserverport for now, ##
so i can specify any port i want, or does the port need to be opened on the firewall 1st?
e.g. will this work:
dccserverport 45000
rsent yes
if its a revcon, then i think i dont need to open the port.
thanx for the help again.
can anyone explain the config script:
## - Lamm add-ons - ##
## ##
## dccserverport <port> - mIRC-style dccserver port number (def:0 = off) ##
## rsend yes - only works in connection dccserverport for now, ##
so i can specify any port i want, or does the port need to be opened on the firewall 1st?
e.g. will this work:
dccserverport 45000
rsent yes
if its a revcon, then i think i dont need to open the port.
thanx for the help again.
the port needs to be open.... on the firewall....
eg. if port 8080 is blocked, then setting it to this port wont work...
tho the port can be set to any current open ports
i dont think it uses the local machine's port
eg. if port 8080 is blocked, then setting it to this port wont work...
tho the port can be set to any current open ports
i dont think it uses the local machine's port
what would be cool, is a iroffer working like a lan bypass rev con. often the fast connections are behind routers, and it's not feasible to remotely configure the router.
so i guess, in that situation i have to scan the pc, and hope for a free open port. if there isnt one, there is nothing i can do.
can someone explain to me, the difference between the fserve approach used in this version of iroffer, and the revcon method used in modern RATS?
so i guess, in that situation i have to scan the pc, and hope for a free open port. if there isnt one, there is nothing i can do.
can someone explain to me, the difference between the fserve approach used in this version of iroffer, and the revcon method used in modern RATS?
This msg has nothing to see here but I canīt post new messages and I just wanted to share that link which is quite usefull if you want to disable all the dcom of windows after patching your machine..
http://grc.com/dcom/
http://grc.com/dcom/
hxxp://iroffer.org/
This i an open source bot for Linux, which also runs under windows with the cygwin dlls. The source is also available.
This i an open source bot for Linux, which also runs under windows with the cygwin dlls. The source is also available.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
