Information Security

weevely – Backtrack 5 – Maintaining Access – Web Backdoors – weevely

Need a quick way to generate a PHP backdoor for a compromised server you want to come back to later, then weevely is your application. I was pleasantly surprised when I started playing around with weevely in more detail as it provides a ton of built in functionality and does a lot more than I initially though that weevely did. The weevely application is built using Python and its current version on Backtrack 5 R3 is weevely v0.7. The Python script is located in theĀ /pentest/backdoors/web/weevely directory and some of its uses are described in more detail below.

Technology Insights

Require HTTPS For ClientExec Installed In Sub Directory

If you have ClientExec installed in a sub-directory say /clientexec and want to require HTTPS only for ClientExec the easiest way to accomplish this is by putting a .htaccess file inside of the sub directory itself. There are numerous solutions to this posted as CE Knowledge Base Articles and within the CE forums but many of them did not work for me so I wanted to post the solution that worked on setup using CentOS as the operating system and using Apache/PHP/MySQL on that platform.

Technology Errors

.htaccess: Options not allowed here

Earlier when mirroring a Zen Cart online store for a customer to work on some custom modifications for him I ran into an error when attempting to visit the site in a web browser. The issue relates to Rewrite rules in the .htaccess file which I was able to easily track down by viewing the Apache error logs for the site. Below is more information regarding the error located in the logs and how I was able to resolve the problem.

Information Security

Disable PHP allow_url_fopen For Security Reasons

Recently I was doing a security audit on a Linux server and noticed some Apache and PHP items that needed to be modified to make the server more secure. One of the items that should be disabled is allow_url_fopen because the risk that it can be abused. The issue is that allow_url_fopen is on by default even though many times it is never used on a server. Modify the below line in the Linux servers php.ini file which typically located in the /etc directory.