the-binary - Command 6 - open backdoor listener


This command causes the agent to open a backdoor listener on port 23281.


A handler sends the following command to have the agent open a backdoor listener on port 23281 (xxx = don't care):
2 xxx xxx 6
padding for a minimum packet size
of 201 bytes including the IP header
NOTE: the shaded bytes must be encoded prior to transmission to the agent.


Upon receipt of a status request message, the agent will open a backdoor listener on port 23281.  A remote user connecting on this port will be given a root shell if the proper password is supplied as the initial data passed to the newly established connection.  The password required for this particular binary is "SeNiF".

NOTE: All communications over an established root shell take place without any encoding/encryption. If the kill service command (command 8) is used to close the backdoor, it has no effect on any established connections.