reverse Telnet
Množina: reverse Telnets
Initiating a Telnet session from the host instead of the client.
Reverse Telnet (sometimes called direct Telnet) is a technique sometimes used by administrators for troubleshooting remote hosts, particularly for configuring routers and access servers. However, attackers also can use it to try to compromise a vulnerable system by obtaining an interactive shell for running commands on the system. In a typical scenario a Web server vulnerable to a malformed Uniform Resource Locator (URL) exploit might be running behind a firewall that blocks all ports except ports 80 and 443, the standard and secure ports for Hypertext Transfer Protocol (HTTP) traffic. The attacker first opens two Netcat windows on the attackers own machine, one listening to port 80 and the other to port 443. The attacker then performs an exploit by sending a URL that starts the Telnet client on the target machine to connect to one Netcat window and pipe any commands typed there into a shell running on the other Netcat window, creating a back channel that can be used to run arbitrary commands on the target. Similar exploits can be performed using Xterm or Nc if they are running on the target host and no Telnet client is available on the target.
Regdmp · registration authority · remote administration tool · resource exhaustion attack · restrictive shell · reverse Telnet · reversible encryption · Rexec · logon rights · Rijndael · Rinetd