Saturday, 19 January 2013

What to execute?

OK so you have a shell on a Unix server. Your problems will be twofold - the
host does not contain any useful security tools and there is no compiler
(gcc, cc) on the server. So even if you transfer your C code to the victim
there is just no way to compile it. Don't even think of transferring the
binaries unless the victim is running the exact same OS. This is the reason
why I like to keep things very simple - try to keep your goodies in shell
script or Perl, which makes them very platform independent. Chances are very
good that you will find Perl on the victim - most OSes have Perl in their
distribution.
If you need a tool that is not available in Perl or script then you have to
re-compile it on the victim's platform. If the victim has no compiler, or
the program does not want to compile (making nmap from sources on a VMS
mainframe can become hairy) then you will have to find a "friendly" platform
where you can compile the sources and transfer the binaries to the victim.
This is not as easy as it seems and you will see many "If anyone has an IRIX
machine to spare drop me a mail"-type messages in hacker newsgroups or
mailing lists.
