the-binary - Command 8 - kill service
Purpose:
This command causes the agent to execute a command on its host system.
No results are returned to the handler.
Format:
A handler sends the following command to have the agent terminate any service
it is currently executing (xxx = don't care):
| 2 | xxx | xxx | 8 | padding for a minimum packet size of 201 bytes including the IP header |
NOTE: the shaded bytes must be encoded prior to transmission to the agent.
Action:
Upon receipt of a status request message, the agent will terminate any
service it is currently executing, though the agent itself will not terminate.
The following agent operations constitute services that an agent may be
executing at any given time:
- A backdoor listener on port 23281
- Any of the DoS floods
This is the only means by which to terminate an active DoS flood or to
close a backdoor listener. It is possible, though somewhat more operator
intensive, to use an established root shell to kill service processes.
It seems likely that the author intended a maximum of one service to
be active at any given time, i.e. this agent can't perform both a
ping flood and a SYN flood at the same time, nor can an agent
accept backdoor connections while performing any of its DoS services.
This restriction does not prevent the existence of a root shell while a
DoS is being performed. A root shell can be open while a DoS is active
using the following steps:
- Activate the backdoor service with command 6
- Open a remote root shell with your tool of choice, netcat perhaps.
- Terminate the backdoor service by sending command 8
- Activate one of the DoS services
You now have an available root shell while a DoS is in progress.
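
For host triage, the sequence above means the port 23281 listener can be gone while a shell session accepted on it is still connected. The following is an added example, not part of the original analysis: it scans socket-table text for both cases. It assumes the backdoor is a TCP service and that the input is `ss -tan` style output; the sample tables and addresses are constructed.

```python
# Added example: flag both the backdoor listener and surviving sessions.
BACKDOOR_PORT = 23281  # listener port given on this page

# Constructed sample: backdoor service active (after command 6).
SAMPLE_LISTENING = """\
State   Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN  0      5      0.0.0.0:23281        0.0.0.0:*
LISTEN  0      128    0.0.0.0:22           0.0.0.0:*
"""

# Constructed sample: listener closed by command 8, shell still connected.
SAMPLE_AFTER_KILL = """\
State   Recv-Q Send-Q Local Address:Port   Peer Address:Port
LISTEN  0      128    0.0.0.0:22           0.0.0.0:*
ESTAB   0      0      192.0.2.10:23281     198.51.100.7:40112
ESTAB   0      0      192.0.2.10:51514     203.0.113.5:23281
"""


def port_of(endpoint):
    """Return the numeric port of an 'addr:port' field, or None for '*'."""
    port = endpoint.rsplit(":", 1)[-1]
    return int(port) if port.isdigit() else None


def triage(ss_output, port=BACKDOOR_PORT):
    """Return (kind, local, peer) for sockets whose LOCAL port is the backdoor port.

    kind is 'listener' for a LISTEN socket and 'session' for any other state,
    since a connection accepted on the port outlives the listener itself.
    """
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # header or malformed line
        state, local, peer = fields[0], fields[3], fields[4]
        if port_of(local) != port:
            continue  # a remote port of 23281 is an outbound connection, not this host's backdoor
        kind = "listener" if state == "LISTEN" else "session"
        findings.append((kind, local, peer))
    return findings


if __name__ == "__main__":
    for name, table in (("listening", SAMPLE_LISTENING), ("after kill", SAMPLE_AFTER_KILL)):
        print(name, triage(table))
```

A check that only looks for a LISTEN socket on 23281 reports the second table as clean, which is exactly the state the steps above leave the host in.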