How to Create a Backdoor in Server using BackTrack (Weevely Tutorial)

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. It is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Open your backtrack terminal and type cd /pentest/backdoors/web/weevely

 

Now type ./weevely.py generate <password> <location, where u want to save file> .It will look something like this

. / weevely.py generate rajchandel (Password) /root/Desktop

Then upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type ./weevely.py <url> <password> .It will look something like this

. / weevely http://telecallerjobs.com/webdoor.php rajchandel

 

Uname –a – print all information

Free – display information about free and used memory on the system

pwd – print name of current/working directory

Df – displays the amount of disk space available on the filesystem containing each file name argument

W – Displays information about the users currently on the machine, and their processes

Ls – List information about the FILEs (the current directory by default)

How to Hack Gmail Facebook using FUD Keylogger

First Download Project Neptune Keylogger

Open the program 

Double click on the program where you downloaded it

First check the button that says “Use Email for Storing Logs” Then change the amount of time the Keylogger sends logs.

In the Email settings tab keep the “smpt.gmail.com” and the port number 587 where it says “Email to Send Keystroke Logs” put your email in that box and in the box under that put the password to your email. 

If you want you can change what email it send the logs too, but otherwise use the same email that you put above. 

Then, Click Test Email Account Information, and if you get an email saying that it works, then you can move onto the next step. 

Keep all the settings the same, unless you want to disable task manager or block websites now will add some online virus scanning sites to block them —this means that the sites can’t scan the tool for virus.

Go to the installation tab and check the first box in “Startup Settings” Then Choose a place to install in the Installation Directory.

In the Installation Directory I would put it in the “AppData Folder

Then go to Original File Check “Do Nothing with Original File after Install” to keep suspicion level none.

If you want File downloading enabled then type in the link of your exe or other file, but if not then do nothing with this box.

Now go to ‘Server Creation‘ tab and press ‘Generate New Server’ under ‘server creation’, and give name of your Keylogger and that it… You are done.

You have successfully created a Keylogger server file. Now, simply send this file to your victim via email, once the victim runs our Keylogger, we will key logs every 20 min via email

How to use Beast Trojan

Step 1:- Download the necessary software  Beast 2.06

Step 2:- Open the software

Step 3:- Now click on “Build server “button.

 

Step 4:- Now in this window click on the notifications tab.

Step 5:- In the notifications tab click on the e-mail button.

Step 6:- Now In this window fill your proper and valid email id.

Step 7:- Now go to “AV-FW kill” tab.

Step 8: – Now In this put a tick mark on the “disable XP firewall “.

Step 9:-Now click on “EXE icon” tab.

Step 10:- Select any icon and click on the ”Save Server” button and the Trojan will be made.

Step 11:-Now send this Trojan File to victim.

Step 12:- As and when the victim will install the Trojan on his system you will get a notification e-mail on your specified e-mail id while making the Trojan. This Email consists of the IP address and port of the victim.

Step 13:-Put This IP address and Port in the place shown in the below snap-shot.

Step 14:- After That Click on the “Go Beast” Button and You will be connected to victims PC.

How to use Prorat Trojan

Download Prorat.exe
Open prorat.exe that you have downloaded.

Click on Create  and then Create ProRat Server

 Enter your host name or IP in the ProRat Notification If you don’t know you IP address click the red arrow and It will fill you IP address automatically.

Now open Notifications at the sidebar and select the second option “Mail Notifications” Change this to the your email address where you want to receive notifications when the server is installed into your victims computer.

Click on Bind with file on the sidebar. You can bind it with a text document or Image File

Now Click on server Icon and choose the desired icon and click on Create server.

 

The server gets installed silently in the computer background and the hacker will be sent a notification to the email address he described in the notification tab whenever the victim is infected