Comments on: WeBaCoo (Web Backdoor Cookie) Script-Kit – The Birth

By: anestisb

anestisb — Sun, 23 Sep 2012 08:31:45 +0000

Yeap a multi-staged (part of the exploit in the backdoor and the rest send from the client) exploit pack plugin would be cool. Although, as i mentioned in my previous comment i like to keep pentest stages clear and seperate.

Webacoo was designed as a post-exploitation tool in order to maintain access, support host pivoting and facilitate a privilege escalation attack. Consequently, i won’t risk the stealth/steady behavior by adding some heavy exploit packs. It’s on the pentester’s hand to find an appropriate vector for the rest of the process. Some new features that i’m currently working are some port forward,proxy, pivot features.

Of course users are free to add such features/plugins in their forked versions and would be glad to review merge requests.

Appreciate your comments.
-A

By: vuln

vuln — Sun, 23 Sep 2012 02:15:05 +0000

seriously this is badass i will be reviewing this code and seeing what i can ad have u thought of adding a function that has built in exploits? base 64 encoded than decoded have the backdoor hold the exploits that way the http traffic is small and just send a command to run exploit?

By: Vignesh

Vignesh — Mon, 27 Feb 2012 23:18:33 +0000

Great stuff. I appreciate your new findings and stealth of webshells. Please do more updates like this!

By: anestisb

anestisb — Fri, 09 Dec 2011 16:41:44 +0000

Appreciate the good words meebo. You are right, clear documentation is an issue nowadays. Finally found some time to complete the wiki writeup. Waiting to hear your feedback after testing the tool. ps More features coming soon (hopefully)!

By: meebo

meebo — Sat, 03 Dec 2011 23:26:19 +0000

Good stuff – I’ll be testing this out for sure within the next few days. Didn’t much care for weevely but it was the best documented semi-decent PHP backdoor, so I used it anyhow. Hopefully now I’ll have an alternative…better alternative.