Information Security

weevely – Backtrack 5 – Maintaining Access – Web Backdoors – weevely

Need a quick way to generate a PHP backdoor for a compromised server you want to come back to later, then weevely is your application. I was pleasantly surprised when I started playing around with weevely in more detail as it provides a ton of built in functionality and does a lot more than I initially though that weevely did. The weevely application is built using Python and its current version on Backtrack 5 R3 is weevely v0.7. The weevley.py Python script is located in theĀ /pentest/backdoors/web/weevely directory and some of its uses are described in more detail below.

Information Security

sbd : Backtrack 5: Maintaining Access: OS Backdoors: sbd

The sbd command is a netcat clone that offers decent encryption, allows for command execution, and will install on Linux or Windows. You are likely aware of netcat and all of the different ways you can use it including reverse shells, port scanning, etc. The sbd command is a great tool for opening up protected listeners or as noted in the Backtrack Linux menu for maintaining access to servers on compromised networks. Since it is likely you are familiar with nc or netcat below I go into setting up a reverse shell using a secret key between the listener and the connecting client.