Netcat Basics (Bind Remote Shell)

Netcat Remote Bind Shell is Part 3 of the video series on Netcat usage basics. In this video we will look at how to bind a shell to a port and allow a remote Client to send arbitrary commands. Behind the scenes Netcat maps the stdin, stdout and stderr of bash to the socket. Thus all inputs sent by the Client is interpreted as command line input in bash and all command outputs are sent back by bash to the Client will be through the network socket. Interestingly, Remote Bind Shell is the most common technique used by hackers to access remote systems. Also, in many cases such as the Blaster Worm, the windows cmd.exe (bash on windows) was bound to a remote port of the victim. Using this cmd.exe the worm used the tftp protocol to get a copy of itself and further propagate.

Enable Javascript or Download Flash Playe if you see this!

Links:

1. Netcat Homepage

2. Download Netcat

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the founder of an online startup (currently in stealth mode). Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net