Friday 27 January 2012

Web Backdoors: Video

This is a video I made to quickly demonstrate some Web App Backdoors.
I demonstrate Weevely, FireInTheHole.py, PHPSploit, and two standard "web shells": the WSO2.php shell and the ITSecTeam shell.

I occasionally comment on each one's shortfalls, but here is the simple TL;DR version.

Weevely is amazing to use, has LOADS of features, and the netcat bind and backconnect shells work perfectly, but it is slightly confusing for the first-time user. It also remembers your current working dir and has a very intuitive shell (just like BASH) and fairly good error handling.
You can get it HERE: Weevely

FireInTheHole.py is fast, simple to use, uses both POST and/or GET and gives a terminal-like session. It has no advanced features but has a couple of bugs, namely its non-interactive state. It *does* remember your current working dir however, which is very advantageous.
You can download it HERE: Fireinthehole.py

PHPSploit is a VERY nice "framework" which is currently in beta and has great potential. It looks a LOT like Metasploit, and I envision it becoming popular sometime in the future. It works fine and allows you to pull a lot of info; however, it has some issues. It does not remember current working dir at all, so it can be rather annoying to "stack" commands for different dirs.
You can download it HERE: PHPSploit

I then demo the WSO2 PHP backdoor, which was failing pretty hard (some functions missing) and the ITSecTeam PHP backdoor, which seems designed to be "skid friendly" and has loads of features. I suspect both may be backdoored but have not investigated... YET. Neither had a functional backconnect or bindshell, and had a load of errors/bugs. I recommend *not* using these. You may find examples on Google, and I plan to upload them myself later.

Now it's video time!
 
