Maintain access to Servers with Web Backdoors

When a web server and its services have been compromised, it is important to ensure secure access for the hacker. This is usually achieved with the help of a web shell, that is, a small program that gives us access and lets us run commands from our remote location.

The Kali distribution comes with many pre-installed web shells. In this guide we will use a popular PHP web shell called Weevely.

Weevely simulates a Telnet session and lets the hacker use more than 30 modules after the compromise to:

  • Browse the breached system
  • Transfer files to and from the compromised system
  • Create reverse TCP shells
  • Execute commands on remote compromised systems, even if restrictions have been applied in PHP

Finally, Weevely tries to hide communications within an HTTP cookie to avoid being detected.
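From the defender's side, a cookie-carried channel like the one described above can be hunted for in web server logs. The sketch below is an added example, not code from the original article or from Weevely, and it does not rely on any Weevely-specific cookie format. It assumes the access log records the request Cookie header; the thresholds, the `/uploads/` path and the log lines are constructed for illustration.

```python
import math
import re
from collections import Counter

# Assumed log layout (not from the article): Apache combined format with the
# request Cookie header appended as a final quoted field (%{Cookie}i).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "[^"]*" "(?P<cookie>[^"]*)"$'
)

def shannon_entropy(value):
    """Bits per character; 0.0 for an empty string."""
    if not value:
        return 0.0
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in Counter(value).values())

def suspicious_requests(lines, min_len=64, min_entropy=4.5):
    """Return (ip, path, cookie_name) for .php requests carrying a long,
    high-entropy cookie value. Both thresholds are assumptions to tune."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["path"].split("?")[0].endswith(".php"):
            continue
        for pair in m["cookie"].split(";"):
            name, _, value = pair.strip().partition("=")
            if len(value) >= min_len and shannon_entropy(value) >= min_entropy:
                hits.append((m["ip"], m["path"], name))
    return hits

# Constructed sample data: documentation-range IPs, made-up cookie values.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
BLOB = "".join(ALPHABET[(i * 37) % 64] for i in range(64))  # 64 distinct chars
HEX64 = "0123456789abcdef" * 4  # long but only 16 symbols: 4.0 bits/char
PREFIX = '- - [10/Mar/2024:10:00:01 +0000] "GET'
SUFFIX = 'HTTP/1.1" 200 512 "-" "Mozilla/5.0"'
SAMPLE_LOG = [
    f'198.51.100.7 {PREFIX} /index.php {SUFFIX} "PHPSESSID=3f2a9c1b7d4e5f60"',
    f'198.51.100.9 {PREFIX} /shop.php?id=2 {SUFFIX} "track={HEX64}"',
    f'203.0.113.5 {PREFIX} /uploads/backdoor.php {SUFFIX} "lang=en; sid={BLOB}"',
]

if __name__ == "__main__":
    for ip, path, cookie in suspicious_requests(SAMPLE_LOG):
        print(f"review: {ip} -> {path} (cookie '{cookie}')")
```

The hex tracking cookie is long enough but stays under the entropy threshold, so only the third request is reported; pairing these hits with a check for PHP files that appeared recently in writable directories narrows the review list further.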

To create a PHP backdoor in Weevely, type the following command in your terminal:

Command:

This command creates a file named weevely.php on the desktop. Below is an example of a PHP backdoor executing commands on compromised remote systems, even when security rules have been applied to them:

So after you create your own backdoor.php, upload it to the compromised website where you found a security vulnerability.

To communicate with the web shell, simply enter the following command in your terminal, making sure that you replace the IP address, directory and password with those of the compromised system:

Command: weevely http: // /

In the example shown in the screenshot above, we have verified that we are connected to the web shell, using the command uname -a and the pwd command.

The command cat /etc/passwd is used to view passwords.

Finally, the web shell can also be used to create a reverse shell, using either Netcat or Metasploit as a local listener.


Written by Anastasis Vasileiadis
