News Register Control Panel Private Messages Members List Team Search News Posts About Us 		 

Back Channeling using Xterm
  Author: Ravish Ahuja
 Added: 12/21/2002
 Type: Tutorial
 Viewed: 15633 time(s)
 Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10Average visitor rating of 9.3/10
Preparing for the attack

Now, in this scenario the attacker would take the advantage of the PHF exploit and one of the most useful X client to attackers called xterm. Xterm is an utility which is used to start a local command shell while running X. However, by enabling the -display option, the attacker can direct a command line shell to the attacker's X server.
Before we move further you might want to take a look at PHF exploit. In order to execute a command on the server the attacker would request for a URL using his browser at port 80 to the target server that looks something like:

http://target's.i.p.address/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd

Lets take a closer look at above URL. The URL would execute the command 'cat /etc/passwd'  on the remote web server and display the contents of /etc/passwd file to the attacker. Additionally, %20 is used at the place of spaces as %20 is the hex value of space.

Article Pages:  � Prev | 1 | 2 | 3 | 4 | Next �  


How would you rate this article:    Bad Good   Go � 


� Copyright Linux Advisory 2003. All rights reserved.
We are not responsible for the comment and story contributed by users.