Hi every one,
Last night, I scanned my server with nmap and found it was backdoored . I 've removed the backdoor and hardened my server. And an idea opens in my mind :): Someone (mr A) hacked into my server and installed a backdoor. An other guy (mr B) scans my server and found the backdoor like "31337/tcp open shell bind shell (*BACKDOOR*)". Is there anyway mr B can gain access to the backdoor was installed by mr A?
1 Response
I think it'll depends on the backdoor...
If the very simple or wellknown backdoor is well known then yes. Any "passer-by" would be able to connect.
If it's a "proprietary" backdoor it may be harder. The backdoor may contain some sort of authentification system in order to grant to its owner an exclusive access or may have unique "communication protocol" that only its creator knows (in that case the opportunist hacker would need to reverse engineer the communication process).
Share Your Thoughts