INTRO

Have you ever played pwn challenges in a CTF? It is my favourite category in any CTF, even if I am not that good at it. In a pwn challenge you are given a binary file to examine and work out how it behaves. You are also given a server address and port where the same binary is hosted: if you connect to it with Netcat or pwncat, you are talking to that same binary running on the server.

But how? How can someone host a binary file on a TCP port? That is what this article is about. For demonstration purposes we will host the binary on localhost. Before reading on, I would suggest my previous post on a pwn challenge:

Pwn challenge – Pancakes

If you have never done a pwn challenge, take a look at the pwn (binary exploitation) category of a few CTFs first. It is not required for this article, but it will give you a feel for what we are building.


SETUP

We need a utility called tcpserver, which ships in the ucspi-tcp package (Dan Bernstein's UCSPI tools). You can build it from source, but we will use apt. Run this command (as root, or with sudo) to install it:

apt install ucspi-tcp

Screenshot:

Your output will differ, because I had already installed it.

To install it manually, follow the commands on the official ucspi-tcp installation page; it builds and installs without trouble.

After installation, check that tcpserver is actually available:

man tcpserver

Screenshot:

If you see the manual page, tcpserver is installed and you can run the commands below.

Want the server to print a string when Netcat or any other client connects? tcpserver takes a listen address, a port and a program to run for each connection, so you can use:

tcpserver -v 127.0.0.1 4444 sh -c "echo 'BYEEEE'"

Screenshot:


We now have a tcpserver listening. It plays the role an inetd-style super-server does: it accepts each TCP connection and runs the given program with the socket as its standard input and standard output (it is not telnetd, which is a different service). Now we can connect to the port:

nc 127.0.0.1 4444

Screenshot:

This is the simplest use of tcpserver: we ran a command for a host that connected to our server.

When you do this at a bigger scale, for instance a server for a CTF pwn challenge, I recommend adding the -RHl0 flags to the tcpserver command, so the command becomes:

tcpserver -v -RHl0 127.0.0.1 4444 sh -c "echo 'BYEE'"

These flags keep tcpserver out of IDENT and DNS: -R skips the IDENT lookup, -H skips the reverse-DNS lookup of the client's address, and -l0 skips the DNS lookup of the server's own name and uses "0" as $TCPLOCALHOST instead. Without them, every connection can stall for seconds on a lookup that a random client on the internet will never answer. Two other options from the manual page are worth knowing: -c N limits the number of simultaneous connections (the default is 40), and -u UID -g GID run the program as an unprivileged user instead of whoever started tcpserver. Read the manual page for the full list.

Now suppose we have a binary that should run whenever someone connects to the chosen port. The command is the same, with the binary in place of sh -c:

tcpserver -v 127.0.0.1 4444 ./netx

Screenshot:

I am using my own netx binary (a Python tool); replace it with your binary. The program needs no networking code of its own: whatever it reads from standard input comes from the client, and whatever it writes to standard output goes back to the client. Once a client connects, it sees the output of the binary:

Screenshot:

Don't forget the -RHl0 flags if you expose this publicly, and remember that the program runs as the user who started tcpserver, so use -u/-g (or a container) for a real challenge. One caveat you will hit with C and Python programs: when stdout is a socket rather than a terminal, the C library fully buffers output, so a banner printed before the first read may never reach the client. Fix it in the source with setvbuf(stdout, NULL, _IONBF, 0), or wrap the program (stdbuf -o0 ./binary for dynamically linked C programs, python3 -u for Python).
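Here is an added example (my own, not code from the original post) that pulls the pieces above together: a small handler script that stands in for the netx binary, a local test that drives it the way Netcat would, a check for the stdout-buffering trap, and the tcpserver command line with the -RHl0 flags plus privilege dropping. The "ctf" user, the demo handler and the file name are assumptions; tcpserver itself must be installed for the final serve step.

```shell
#!/bin/sh
# Added example (not from the original post): serve a stdin/stdout program with
# tcpserver the way a CTF does, and test the program locally first.
# Assumptions: a user/group "ctf" exists for privilege dropping, and the demo
# handler below stands in for the netx binary from the post.

# Write a tiny interactive handler to a temp file and print its path. It has no
# networking code at all: tcpserver hands it the socket as stdin and stdout.
make_demo_handler() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
#!/bin/sh
# tcpserver exports the client's address in $TCPREMOTEIP. stderr is NOT the
# socket, so this log line goes to the terminal running tcpserver, not to the client.
printf 'connection from %s\n' "${TCPREMOTEIP:-local test}" >&2
printf 'Welcome to netx-demo. What is your name?\n'
IFS= read -r name || name=nobody
printf 'Hello, %s!\n' "$name"
EOF
    printf '%s\n' "$f"
}

# Drive the handler exactly as a client would, by piping into its stdin.
# Usage: simulate_client 'alice' sh /path/to/handler   -> prints the handler's output
simulate_client() {
    input="$1"; shift
    printf '%s\n' "$input" | "$@" 2>/dev/null
}

# Check that the program's banner reaches a client that has connected but not
# typed anything yet. A fully buffered stdout (the default for C stdio and
# Python when stdout is a socket, not a tty) fails this: the banner sits in the
# buffer while the program blocks in read(). Returns 0 if the banner appeared.
check_banner_before_read() {
    out=$(mktemp)
    # sleep holds the write end of the pipe open for 2s and sends nothing,
    # like a silent client; the program blocks reading from it.
    sleep 2 | "$@" > "$out" 2>/dev/null &
    sleep 1
    if [ -s "$out" ]; then ok=0; else ok=1; fi
    wait
    rm -f "$out"
    return "$ok"
}

# The command line the post builds up, with the extra hardening options:
# -v verbose log, -RHl0 no IDENT/DNS lookups, -c 20 at most 20 concurrent
# clients, -u/-g run the handler as the unprivileged "ctf" user (assumed to
# exist). Binding 0.0.0.0 exposes it on all interfaces; 127.0.0.1 keeps it local.
serve() {
    addr="$1"; port="$2"; shift 2
    command -v tcpserver >/dev/null 2>&1 || { echo 'tcpserver not installed' >&2; return 2; }
    exec tcpserver -v -RHl0 -c 20 -u "$(id -u ctf)" -g "$(id -g ctf)" "$addr" "$port" "$@"
}

# Stand-alone run: test the handler locally, then serve it on 127.0.0.1:4444.
if [ "${1:-}" = run ]; then
    H=$(make_demo_handler)
    check_banner_before_read sh "$H" || { echo 'banner is buffered; fix before serving' >&2; exit 1; }
    simulate_client alice sh "$H"
    serve 127.0.0.1 4444 sh "$H"
fi
```

Save it as serve_demo.sh (name assumed) and start it with sh serve_demo.sh run; then connect from another terminal with nc 127.0.0.1 4444. To serve a real challenge binary instead of the demo handler, call serve 0.0.0.0 4444 ./netx, and run check_banner_before_read ./netx first so a buffered banner is caught on your machine rather than by the first player.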


Thanks For Visiting

 

4 COMMENTS

  1. Congratulations!! You have found this page. Now you can enrol in EHOMT 4.0 for just Rs 1, not because you cannot afford the original fee, but because you have the ability and passion to do this ethical hacking training.
    Click here to enrol: 20 winners have enrolled now, hence the giveaway has ended. Congratulations still if you tried and reached here. You have the ability, but now the seats are full, so nothing can be done. Thanks.

    • Sir, I found this, but a little bit late! Thanks for this giveaway anyway! If your course is not in my fate, so what? I am ready to give my whole life to cyber security and ethical hacking, even if I end up studying commerce!
