Full Version: Using Connect Back Instead Of Bindshells...
quicksilk
most servers are firewalled and so most bindshells won't work anymore,

***the old school

http://packetstorm.linuxsecurity.com/advis...uid/bindshell.c <- upload it for some reason...

so here's how it works now...

***the new school

there are two files on this but both do the same thing, so choose your file.

http://www.geocities.com/jerb0x/sys/cbd.c
http://www.geocities.com/jerb0x/sys/cbs.pl

it's self-explanatory... don't try this at home okay?

Regards and Many Thanks to sysmon
\m/ stay SIC \m/

Courtesy of (P)inoy (H)acking Team
SKEWTER
Geocities links are down
sarkar112
Reverse shells can be better than bind shells under some circumstances, but I prefer VPN clients over both of them, it can bypass firewalls, and after you have it connected, you can exploit it again, and have either, or even both reverse and bind shells connect.
crock
QUOTE(sarkar112 @ Apr 7 2006, 03:31 AM) *
Reverse shells can be better than bind shells under some circumstances, but I prefer VPN clients over both of them, it can bypass firewalls, and after you have it connected, you can exploit it again, and have either, or even both reverse and bind shells connect.


nice,

can a VPN connection be automated/scripted?
sarkar112
QUOTE(crock @ Apr 7 2006, 07:23 AM) *
QUOTE(sarkar112 @ Apr 7 2006, 03:31 AM) *

Reverse shells can be better than bind shells under some circumstances, but I prefer VPN clients over both of them, it can bypass firewalls, and after you have it connected, you can exploit it again, and have either, or even both reverse and bind shells connect.


nice,

can a VPN connection be automated/scripted?

If you are exploiting a system remotely, you can use the simple download and execute shellcode. In my opinion dl&exec is currently awesome (and simple) shellcode, because you don't need to spend time writing a certain type of shellcode, just upload a file to a webserver, and use dl&exec shellcode to retrieve it and execute it.
Eduardo
reverse shell rules :)

it bypasses firewalls, routers and u don't need to connect...u will receive the connection :P

also it is better than bindshells even when u use it along VPN clients, so I think bindshells are useless, even when u are exploiting a non-firewalled pc on the same LAN
oliv'man
Yeah !!!

I think the same as you edu19, cuz with my experience with some bindshells and reverse shells with some different Xploits, I can tell you that a reverse shell works 10 times better than a bindshell, cuz most of the time the FW lets you connect back, but not connect on ... ;o)
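
Added example, not part of any post in this thread: the posts above rest on firewalls filtering inbound connections while letting server-initiated connections out. The Python sketch below compares that ingress-only policy with a default-deny egress allowlist over a few flow records and reports the flows only the egress check catches. All addresses, ports, the policy and the sample flows are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed policy for a hypothetical web server (all values constructed).
SERVER = ip_address("10.0.5.20")
SERVICE_PORTS = {80, 443}                 # ports the server should accept on
EGRESS_ALLOW = [                          # (network, port) the server may dial out to
    (ip_network("10.0.1.53/32"), 53),     # internal DNS
    (ip_network("10.0.1.10/32"), 3128),   # update proxy
]

@dataclass(frozen=True)
class Flow:
    src: str    # initiator (the side that sent the SYN)
    sport: int
    dst: str
    dport: int

def ingress_only_firewall(f: Flow) -> bool:
    """Policy the thread describes: filter inbound, let everything out."""
    if ip_address(f.dst) == SERVER:
        return f.dport in SERVICE_PORTS
    return True  # outbound traffic is never inspected

def egress_allowed(f: Flow) -> bool:
    """Default-deny egress: server-initiated flows must match the allowlist."""
    if ip_address(f.src) != SERVER:
        return True
    return any(ip_address(f.dst) in net and f.dport == port
               for net, port in EGRESS_ALLOW)

def review(flows):
    """Flows that pass the ingress-only firewall but violate egress policy."""
    return [f for f in flows
            if ingress_only_firewall(f) and not egress_allowed(f)]

# Constructed sample flows, not captured traffic.
SAMPLE = [
    Flow("198.51.100.7", 51000, "10.0.5.20", 443),   # normal client request
    Flow("198.51.100.7", 51001, "10.0.5.20", 4444),  # inbound to a non-service port
    Flow("10.0.5.20", 40122, "10.0.1.53", 53),       # allowed DNS lookup
    Flow("10.0.5.20", 40123, "203.0.113.9", 443),    # server dialing an unknown host
]

if __name__ == "__main__":
    for f in review(SAMPLE):
        print("ALERT unexpected server-initiated flow:", f)
```

The inbound flow to port 4444 is already dropped by the ingress rule; the server-initiated flow to 203.0.113.9 is the only one that passes it and still violates the egress allowlist.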