today I want to share a little perl script that has been very useful in my past security experiences. It’s a simple “Connect Back Shell”. Nowadays computer are behind NAT and/or firewall which makes hard connecting to an exploited machine. For this reason the “connect back shell” is a simple script which binds a system shell (/bin/ssh) directly to a socket and then connects the socket to the attacker address.
(Click the image to make it bigger )
There are many ways to do the same thing, some of them are better then the current script but this way is the most simple and fast one. Obviously you need to inject this script on the attacked machine thus trigger it. With this script you need to assume perl environment installed on the target machine, correct rights etc… Metasploit PAYLOAD generator (tag -t exe) is another good way to make it as described here.
Hope this script could be useful to you guys … at least to learn perl scripting …