As promised below is a link to the netcat like callback program. It’s sole purpose is to send back cmd.exe to the IP and port of your choosing. Default is 10.0.0.1 on port 1025. These can be redefined in main.c. There is no window on the client so it is relatively stealthy. Just start your listener with something like ‘nc -l -v -p 1025’. I’ve already used this successfully in a pentest.
Feedback Always Welcome
If you've used something I've developed and have any comments, questions or features you'd like to see let me know.
-Tyler
Archives
- July 2020 (1)
- February 2017 (1)
- December 2016 (1)
- January 2014 (1)
- November 2013 (1)
- June 2013 (1)
- August 2012 (1)
- July 2012 (1)
- January 2012 (3)
- December 2011 (1)
- November 2011 (1)
- October 2011 (3)
- November 2010 (1)
- June 2010 (1)
- September 2009 (3)
- August 2009 (1)
- June 2009 (1)
- May 2009 (1)
- April 2009 (3)
- March 2009 (1)
- February 2009 (2)
- January 2009 (2)
- November 2008 (2)
- September 2008 (2)
Categories
Twitter Feed
- RT @Erdal_Ozkaya: I would like to thank all the experts who has contributed in my latest book ,"Incident Response in the Age of the Cloud"… 1 year ago
- @sum_b0dy @2600 Holy cow, I remember that exact issue! I think I still have it in a box somewhere. Good memories! 1 year ago
- Do I have any friends that have experience writing a Windows Credential Provider? I know a cool authentication star… twitter.com/i/web/status/1… 1 year ago
Tyler Wrightson's Security Blog 