Monday, January 1, 2007

GCC Compiler

There will be a time when you will need to compile a .c file.

It is best to compile on the machine you are working on. So upload or copy and paste the files to the hacked box and compile them there. If you have problems with their compiler, you can try to upload pre-compiled files.

One way to get the file up to the victim's machine would be to use copy and paste. Get a good TSR or Windows shareware program to do this if you do not have any way to do it now. You can copy a script file from one window and paste it into an editor on the victim's machine, and then compile the new file. Voilà... no upload log of the file. You can copy and paste from the victim's machine as well, so that there are no download logs of ASCII files.

To copy and paste you can just open an editor on the hacked box, and then copy from your other session, and paste your script into the editor and save the file. This way there will not be anything in the xferlog yet.

You can do the same thing with the password file. If you do decide to download the password file using ftp, make sure to copy it to your home directory first under a different name.

bash:/etc:> cp passwd $HOME/plog

would copy the file called passwd from the /etc directory you were in to your home directory, into a file called plog instead of passwd. Admins grep the xfer logs looking for who is downloading the passwd file.
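A grep of the transfer logs for the name passwd misses a copy that was renamed first, as in the plog case above. The following added example (not part of the original post) sweeps a directory tree for passwd copies by content instead of by name; the function names, the 0.9 threshold, the 1 MiB read limit and the sample tree are assumptions, and the sample files are constructed.

```python
import hashlib
import os
import re
import tempfile

# One passwd(5) record: name:password:UID:GID:GECOS:home:shell
PASSWD_LINE = re.compile(r"^[^:\s]+:[^:]*:\d+:\d+:[^:]*:[^:]*:[^:]*$")

def find_passwd_copies(reference, search_root, min_ratio=0.9, max_bytes=1 << 20):
    """Map path -> reason for files that match `reference` by SHA-256 or by format."""
    with open(reference, "rb") as fh:
        ref_hash = hashlib.sha256(fh.read()).hexdigest()
    hits = {}
    for dirpath, _dirs, files in os.walk(search_root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path) or os.path.islink(path):
                continue  # skip symlinks, FIFOs and device nodes
            try:
                with open(path, "rb") as fh:
                    data = fh.read(max_bytes)  # bounded read; larger files are sampled
            except OSError:
                continue  # unreadable file: skip, do not abort the sweep
            if hashlib.sha256(data).hexdigest() == ref_hash:
                hits[path] = "exact-copy"
                continue
            lines = [l for l in data.decode("utf-8", "replace").splitlines() if l.strip()]
            if len(lines) >= 3:
                ratio = sum(bool(PASSWD_LINE.match(l)) for l in lines) / len(lines)
                if ratio >= min_ratio:
                    hits[path] = "passwd-format"  # edited or partial copy
    return hits

def demo():
    root = tempfile.mkdtemp()  # constructed sample tree, not real account data
    passwd = ("root:x:0:0:root:/root:/bin/bash\nalice:x:1000:1000::/home/alice:/bin/sh\n"
              "bob:x:1001:1001::/home/bob:/bin/sh\n")
    samples = {"etc/passwd": passwd, "home/alice/plog": passwd,
               "home/alice/notes": passwd.replace("bob", "eve"),
               "home/alice/todo.txt": "buy milk\ncall at 10:30\nfix cron\n"}
    for rel, text in samples.items():
        os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(text)
    hits = find_passwd_copies(os.path.join(root, "etc/passwd"), os.path.join(root, "home"))
    return {os.path.relpath(p, root): why for p, why in hits.items()}

if __name__ == "__main__":
    print(demo())
```

On a real host the reference would be /etc/passwd and the search root the home and temporary directories; a hit under an unexpected name is worth correlating with that account's session and transfer activity.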

Another way to get files to or from the box without showing up in the logs would be to open an IRC session on the victim's machine, then from your other session, where you are already a user on IRC, send the files using DCC.

The command to send the files would be /dcc send

The command to get the file on the other side would be /dcc get

It would be nice if you had a bot loaded on IRC when you were hacking, so that you could just send files to the bot and have it auto-receive them.

A 'bot' is a robot program that you can load in the background on your shell account that will receive files, keep channels open, etc...


The GCC compiler is easy...

gcc filename.c -o filenameyouwant

If I were to compile a file called z2.c that would zap the log files, I would type this:

gcc z2.c -o zap

This would give me an executable file called zap.

If I just typed gcc z2.c, I would have an executable file named a.out, and I would have to rename it to zap, or some name I would know, by doing this: mv a.out zap

Now I would have a file named zap that was executable instead of a.out.

You will want to make sure you are not giving these files names that sysadmins will know. If you had a sniffer file called 'linuxsniffer.c' you don't want to keep the same name ;) call it something like:

gcc linuxsniffer.c -o lsn

Remember also that sometimes you can execute these files right in the directory just by typing the file name, like lsn for our sniffer above. But sometimes this will not work unless you add a ./ to the command. So remember, sometimes you will need to type ./lsn or ./ followed by your file name.

Also, there will be a time when you will want a program to run in the background even after you log off, as in the case of the sniffer above. In this case you might want to name your sniffer something that would not be so easily noticed. Use your own style here. BUT to make it stay in the background while you are off the system, you need to run the command with a & after it.

lsn&

If you were to just type lsn, your screen would pause, and you would not be able to type while the program was sniffing, but if you typed lsn& it would load and the system prompt would come right back to you. Also the system would let you know it was loaded by giving you the process id # that it was loaded as.

You could view the process with the ps -x command. You might want to run:

ps -auxe | more

a = all
u = show user
x = yours
e = env

On some machines:
f = tree
or use the command: pstree
