agentaika Posted November 16, 2008 Share Posted November 16, 2008 I'm having a hard time finding a direct example on how to do this. If I wanted to upload a file to someone's computer [FROM /home/me/file.txt --> TO c:/windows/], or get a file from someone else's computer [TO /home/me/ <-- FROM c:/windows/file.txt] what would I need to type in? I use Backtrack 3 for my penetration tests. Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 16, 2008 Author Share Posted November 16, 2008 I found a solution. I have to use something called PuTTY http://the.earth.li/~sgtatham/putty/0.60/htmldoc/ Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 16, 2008 Share Posted November 16, 2008 Yep putty is pretty popular. Quote Link to comment Share on other sites More sharing options...
Joerg Posted November 16, 2008 Share Posted November 16, 2008 I thought PuTTy isn't capable of transferring files. I would have proposed WinSCP running with wine or the command "scp". Quote Link to comment Share on other sites More sharing options...
X3N Posted November 16, 2008 Share Posted November 16, 2008 I found a solution. I have to use something called PuTTY http://the.earth.li/~sgtatham/putty/0.60/htmldoc/ LOL putty is awesome but you might wanna try out filezilla with sftp might be easier for you to use... Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 16, 2008 Author Share Posted November 16, 2008 I thought PuTTy isn't capable of transferring files. You can transfer files with PSCP, PuTTY's "secure copy client." http://the.earth.li/~sgtatham/putty/0.60/h...pter5.html#pscp LOL putty is awesome but you might wanna try out filezilla with sftp might be easier for you to use... I'll look them up. Thanks folks. Quote Link to comment Share on other sites More sharing options...
geekdba Posted November 16, 2008 Share Posted November 16, 2008 You could also use psftp from the putty suite of apps psftp Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 16, 2008 Author Share Posted November 16, 2008 Ugg... This is so overly complicated... For the last 40 minutes now I've been trying to log into my own ftp using PuTTY, pscp, and psftp, but I keep getting "connection refused" and other error messages. Is there an easy way to and transfer files to and from a remote computer using ssh and the command terminal in Linux? In a perfect world the command SHOULD read 'sshlogin username:password@55.123.55.12 upload /home/me/test.txt to c:/temp' but, of course, none of the examples I've found give anything this clear. lol Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 16, 2008 Share Posted November 16, 2008 Are you running a SSH service on the remote computer? Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 16, 2008 Author Share Posted November 16, 2008 Are you running a SSH service on the remote computer? I don't think so. No. Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 16, 2008 Share Posted November 16, 2008 That would be why it isn't working. Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 16, 2008 Author Share Posted November 16, 2008 That would be why it isn't working. Goodness.... If I wanted to get remote access of a Windows computer without the admin's permission using Backtrack Linux, what would I need to use? My guess is that I would have to start with a scan using nmap and/or hping, look for open ports and vulnerabilities, and then do a dictionary attack using THC-Hydra. I just don't know what to do after this point. My goal is to crack the admin's password, upload a text file into the c:/ folder, and download a file from the system32 folder. I want to do this for a test that I explained in detail here in this thread. Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 16, 2008 Share Posted November 16, 2008 Why did a thread about SSH clients turn in to accessing a remote computer without authenticating? Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 16, 2008 Share Posted November 16, 2008 Just because a port is open doesn't mean a daemon/service is listening.. Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 17, 2008 Author Share Posted November 17, 2008 Why did a thread about SSH clients turn in to accessing a remote computer without authenticating? Someone told me this was possible. Just because a port is open doesn't mean a daemon/service is listening.. So there is no way to upload a file to someone's computer, or download a file from their computer, without authenticating? Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 17, 2008 Share Posted November 17, 2008 Of course there is.. But not the way you want to.. Stop watching Hollywood movies that include hacking.. (Eg. Most of them :P) Just install a SSH daemon onto the target host & go nuts.\ And don't use Ubuntu either. Quote Link to comment Share on other sites More sharing options...
X3N Posted November 17, 2008 Share Posted November 17, 2008 Someone told me this was possible. So there is no way to upload a file to someone's computer, or download a file from their computer, without authenticating? connecting via ssh is possible without putting in a password if you do it correctly. There is still some "authentication" yet its done behind the scenes heres a link that shows you how its done. http://wp.uberdose.com/2006/10/16/ssh-automatic-login/ as far as sending files without authenticating... its never recommended but in some cases you may want to do this... the best way i can think of is to use netcat it isnt secure by any means but like i said sometimes its easier to just do it this way... ive done it before when dd'ing a hardrive image over the network to store it on another computer.... http://linux.byexamples.com/archives/227/c...le-with-netcat/ Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 17, 2008 Author Share Posted November 17, 2008 Of course there is.. But not the way you want to.. Stop watching Hollywood movies that include hacking.. (Eg. Most of them :P) Just install a SSH daemon onto the target host & go nuts.\ And don't use Ubuntu either. But wouldn't I need permission to install SSH onto the target? I apologize for not explaining the point of my question before hand, but my question relates to a hacking test that I'm doing for my cousin. Before he goes public with his site, he wants to see if I can hack it. connecting via ssh is possible without putting in a password if you do it correctly. There is still some "authentication" yet its done behind the scenes heres a link that shows you how its done. http://wp.uberdose.com/2006/10/16/ssh-automatic-login/ as far as sending files without authenticating... its never recommended but in some cases you may want to do this... the best way i can think of is to use netcat it isnt secure by any means but like i said sometimes its easier to just do it this way... ive done it before when dd'ing a hardrive image over the network to store it on another computer.... http://linux.byexamples.com/archives/227/c...le-with-netcat/ netcat looks very promising. Thank you for the link. I'll look into it later today. Thank you all for your replies. Any additional information is welcome. Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 17, 2008 Share Posted November 17, 2008 But wouldn't I need permission to install SSH onto the target? Without permission it would be a back door. Quote Link to comment Share on other sites More sharing options...
agentaika Posted November 17, 2008 Author Share Posted November 17, 2008 I just noticed that netcat hasn't been updated in 4 years. Does it still work as well today, or should I consider socat? http://www.dest-unreach.org/socat/ Without permission it would be a back door. Ah. So I need to use 'back door' as my search topic? That clears up a little confusion. Thank you. Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 17, 2008 Share Posted November 17, 2008 http://en.wikipedia.org/wiki/Backdoor_(computing) Quote Link to comment Share on other sites More sharing options...
X3N Posted November 17, 2008 Share Posted November 17, 2008 I just noticed that netcat hasn't been updated in 4 years. Does it still work as well today, or should I consider socat? http://www.dest-unreach.org/socat/ Ah. So I need to use 'back door' as my search topic? That clears up a little confusion. Thank you. netcat is the bomb... still you should research reverse bind shells Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.