Re: Reverse Shell?
On Mon, 11 Jul 2005 15:50:32 +0100
Clive Menzies <clive@clivemenzies.co.uk> wrote:
> On (11/07/05 09:29), Jacob S wrote:
> > Hello list,
> >
> > Does anyone know of a way to do a reverse shell over ssh? Let me
> > explain what I am trying to do.
> >
> > I have a friend that I'm helping upgrade Debian on their desktop.
> > This friend is not very computer literate - even in Windows. So
> > they're having a problem that I need to troubleshoot, but they're
> > behind a firewall so I can't ssh into their computer.
> >
> > There are not currently any ports forwarded from the firewall to
> > this computer and we do not have any access to the firewall to
> > enable something like this, either. What I am hoping is that I can
> > have them establish an ssh connection into my firewall with some
> > software that would then allow me to get a shell on their computer.
> >
> > I've noticed revsh[0] looks like it was designed for this, but I'm
> > wondering whether anyone has experience with it or knows of
> > something better. The only time I've heard of something like this
> > being done was in a rootkit, so I'm hoping to find some trustworthy
> > code that isn't likely to have a backdoor in it. (If such a thing is
> > possible. :-)
>
> A little knowledge is a dangerous thing ;) ..... but have you looked
> at netcat?
hmm... I'm not sure I understand how to do it this way. Wouldn't I need
a service listening on my end that his netcat could connect to? Perhaps
it would be as simple as me starting a netcat that would accept
connections from him and let me use ssh to go through my netcat, which
would then go through his netcat which would then go into his ssh?
I'm afraid I may be turning this option into a bowl of spaghetti instead
of a useful loophole. :-)
Thanks,
Jacob
Reply to: