Otherwise, this chapter can use the examples interchangeably with the windows version of netcat. This is a minor irritant, though, and rarely something that would be much of a concern. If you need to hide netcat by renaming it to something more common, you stand out more when you use flags not normally associated with whatever application you are trying to disguise yourself as. This is beneficial, since it eliminates additional system modifications or scripts needed to keep netcat alive, as required by Linux. When you use this flag, you can retain access to the netcat listener even after you have disconnected with the compromised system. For those who are attacking systems that use one of Microsoft's Windows operating systems, either as a target or attack platform, all the techniques in here will be identical with one very useful difference-the -L option. In Netcat Power Tools, 2008 Netcat on WindowsĪll of the examples I have given here have been within the Linux operating system. However, if we start typing in commands, we will see that we will get proper replies. Notice that there are no prompts indicating success or failure – all we receive upon connection is a blank line. The connection process is straightforward – we simply launch netcat to connect to 192.168.1.123, as seen in Figure 13.5. Once connected, we can begin to issue commands through the bash shell program. Now that we know there is a netcat listener running on the system, we can use our attack server to communicate with our target. In our example, it will be as the user “root.” This is important to remember, because these permissions may prevent the execution of the desired application, depending on what rights the netcat application inherits.
Permissions on Linux systems (as well as Microsoft Windows) are transferred whenever a process is launched in our example, the bash shell will inherit the same permissions of whoever started the netcat process, which was the system itself.
When a connection is made, netcat will execute the bash shell, allowing us to interact with the system. If we wanted to create our own listener for practice purposes, that's definitely a beneficial exercise. The netcat listener located on the Hackerdemia LiveCD server is already installed so that we can play with it.