CyberGuerrilla 2013
 Vol.3--No.2013 | 2 Users Online
Tuesday,Oct 15,2019 
By ro0ted avatar | May 30, 2013 - 16:09 | Posted in /b/ | Comments Off on #ro0ted #OpNewblood | WeBaCoo (Web Backdoor Cookie)

#ro0ted #OpNewblood | WeBaCoo (Web Backdoor Cookie)

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header???s Cookie fields under valid client HTTP requests and relative web server???s responses.

First Download webacoo script from??here??on your desktop

Now unzip the file??unzip




Now Type Command:??./ ???g ???o webdoor.php

This will generate code for a backdoor (-g) Generate backdoor code (-o??is required). Here is a screenshot of the command terminal view:





Now upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type??following command:

. / -t?? -u




Ls????? List information about the FILEs (the current directory by default)





Uname ???a????? print all information

Free????? display information about free and used memory on the system

pwd??– print name of current/working directory

Df ??? ??displays the amount of disk space available on the filesystem containing each file name argument

W????? Displays information about the users currently on the machine, and their processes.





route????? show / manipulate the IP routing table





Load????? Load machine code and initialize new commands.





Download????? Download file from server





Cat????? cat to view the file, we see only the normal text




(Visited 1 times, 1 visits today)

  • You can follow any responses to this entry through the RSS 2.0 feed.
  • Both comments and pings are currently closed.

Comments are closed.

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

nonymous. Whoever you are, we are ungovernable!
> =[]= This site is run by cyberguerrilla, your friendly anonymous autonomous tech collective since 2010 =[]= This the past that can NOT be changed! <