To interact with a backdoor that you have created or found, double-click the server object in the BO2k workspace to bring up the BO Server Connection window as shown in Figure 11-12.
If you have already created and configured the server and client according to previous sections in this chapter, you are good to go. Otherwise, if you interacted with other servers using the same plug-ins but with different settings, then you need to reconfigure the client's plug-ins to match those of the server to which you are about to connect. Do this by clicking the plug icon in the center of the BO Server Connection window in Figure 11-12 and changing theappropriate settings. Unless you're using some of the more advanced client-side plug-ins, you should only need to tweak the IO and Encryption plug-in settings.
With the configuration issues out of the way, usage of the backdoor is very simple. Click the Connect button and if all goes well, the client retrieves a list of plug-ins and available commands from the server, such as those shown in Figure 11-13.
The structure that appears in the left box of Figure 11-13 is the list of commands available on the server. The window at the bottom is the response box. Run commands by highlighting them in the command box (after setting any command-specific variables), then clicking the Send Command button on the right. Output from the command is displayed in the response box. For example, if the srv_control.dll plug-in is loaded in the server, expand the Server Control folder in the command box, highlight List Plug-ins, and then click Send Command. A list of the plug-ins loaded in your backdoor appears in the response box.
Warning
Be careful when using BO2k. It is possible to crash the server if you get creative with the commands. For example, remove the srv_control.dll plug-in and then try using that same plug-in to get a list of available plug-ins. If the server is not set up to restart itself, you are going to have to find a way to restart the backdoor without using BO2k or else wait until the system is rebooted. It is better to be familiar with how everything behaves in a controlled environment before you take it to the real world.
Now that everything is working, experiment with the other plug-ins supplied with the server and see what kind of functionality they can offer you. A backdoor with only the srv_control.dll module loaded is not very useful, but it does allow you some core functionality, such as restarting the server, managing plug-ins, band adding, or removing new listeners. BO2k Powertools and Concealing the BO2k Protocol explore adding the more powerful plug-ins to both the client and server in order to make it a more usable backdoor.