Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Shell Shoveling

Now that we see how to establish a backdoor against a system we have direct access to, what happens if you encounter a firewall that prohibits all incoming ports, or encounter a network that changes frequently, resulting in us not being sure where our compromised system is? You will have to force the compromised server to initiate the communication, which involves Shell Shoveling.

Shoveling with No Direct Connection to Target

Sometimes it is necessary to force the compromised system to communicate back to the attack system, depending on what network defense mechanisms are in place to prevent unfettered communication between the two systems. In Figure 5.20, we will do something quite different than in previous examples; we will be sending our data across three different applications. The first command is netcat, where we tell it to connect to our attack system over port 4321. We then “pipe” our command line to run the bash shell. The pipe allows all data received over port 4321 to be sent to the bash shell. We add another pipe and run netcat again to connect to our attack system, but this time on a different port, port 4322. The second pipe forces any data originating from our bash shell (e.g., responses to our command) to push it over port 4322. Notice we do not have a listener running at all on our compromised system. If our compromised system changes IP addresses regularly, or if we have very limited, or intermittent access to the system, we cannot rely on our ability to connect to a listener. In these situations, shell shoveling is invaluable.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint