the-binary - Command 8 - kill service


This command causes the agent to execute a command on its host system.  No results are returned to the handler.


A handler sends the following command to have the agent terminate any service it is currently executing (xxx = don't care):
2 | xxx | xxx | 8 | padding for a minimum packet size of 201 bytes including the IP header
NOTE: the shaded bytes must be encoded prior to transmission to the agent.


Upon receipt of a status request message, the agent will terminate any service it is currently executing, though the agent itself will not terminate.  The following agent operations constitute services that an agent may be executing at any given time: This is the only means by which to terminate an active DoS flood or to close a backdoor listener.  It is possible, though somewhat more operator intensive, to use an established root shell to kill service processes.

It seems likely that the author intended a maximum of one service to be active at any given time, i.e. this agent can't perform both a ping flood and a SYN flood at the same time, nor can it accept backdoor connections while performing any of its DoS services.  This restriction does not prevent the existence of a root shell while a DoS is being performed.  A root shell can be opened and a DoS active using the following steps:

  1. Activate the backdoor service with command 6
  2. Open a remote root shell with your tool of choice, netcat perhaps.
  3. Terminate the backdoor service by sending command 8
  4. Activate one of the DoS services
You now have an available root shell while a DoS is in progress.
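
For incident triage, the one-service-at-a-time behaviour described above can be replayed over a decoded command timeline to find the intervals in which the backdoor listener was accepting connections; a shell established in such an interval is not closed by command 8. This is an added example, not code from the original analysis. The DoS command number 99, the timestamps, and the rule that a service command arriving while another service is active is ignored are assumptions.

```python
from dataclasses import dataclass
from math import inf

BACKDOOR_CMD = 6  # from the page: activates the backdoor service
KILL_CMD = 8      # from the page: terminates the active service, not the agent


@dataclass
class Exposure:
    opened_at: float  # when the backdoor listener was activated
    closed_at: float  # when command 8 closed the listener (inf if never)
    dos_after: bool   # a DoS service started after the listener was closed


def shell_exposure_windows(events, dos_cmds):
    """Replay time-ordered (timestamp, command) pairs of decoded handler
    commands and return the intervals in which the backdoor listener was open.

    dos_cmds is the set of command numbers the analyst has identified as DoS
    services; the page does not list them, so the caller supplies them.
    Assumption: a service command received while another service is active
    does not start a second service.
    """
    windows = []
    active = None   # the single active service, per the page's model
    current = None  # the exposure window opened by the latest command 6
    for ts, cmd in events:
        if cmd == KILL_CMD:
            if active == BACKDOOR_CMD and current is not None:
                current.closed_at = ts
            active = None
        elif cmd == BACKDOOR_CMD and active is None:
            current = Exposure(ts, inf, False)
            windows.append(current)
            active = cmd
        elif cmd in dos_cmds and active is None:
            active = cmd
            # Shells opened in an earlier, already closed window survive
            # command 8, so they may coexist with this DoS service.
            for w in windows:
                if w.closed_at <= ts:
                    w.dos_after = True
    return windows


# Constructed timeline: backdoor on at t=10, killed at t=25, DoS (99) at t=30.
SAMPLE_EVENTS = [(10, 6), (25, 8), (30, 99)]
print(shell_exposure_windows(SAMPLE_EVENTS, {99}))
```

A window with `dos_after` set is the case to prioritise: host triage should look for shell processes spawned inside that interval rather than assuming command 8 removed all access.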