Review #4_Maintaining Access with Weevely

*Book Review, Penetration Testing with BackBox: Stefan Umit Uygur (Author)

Chapter 6 : Maintaining Access
This chapter describes how to create a backdoor so that the target can be accessed easily later. Originally, backdoors were used by engineers or administrators who needed quick access to systems for maintenance. From a hacker's point of view, a stealthy backdoor helps maintain access, because access to a target can be lost when parameters change or vulnerabilities are patched.

Weevely uses a snippet of PHP code to create a terminal on the target server and allow remote code execution via a PHP agent. I had some issues with Weevely on my BackBox, so I used Kali Linux for Weevely. I used two Kali Linux machines to test Weevely. Kali#1 is the victim, which has DVWA set up as a web service. Kali#2 is the attacker, which creates the Weevely code and puts it onto Kali#1 to run a backdoor.

First of all, Kali#2 (attacker) generates weevely.php in the /root/Desktop path with the password ‘skyvenom’ and moves this file to Kali#1 (victim); you can move the file via e-mail, upload, etc. I put the weevely.php file in the ‘var/www/DVWA-master’ folder.


Secondly, make sure the victim PC is running its web service properly. In this case, set up DVWA, start the apache2 and mysql services, and open localhost or 127.0.0.1/DVWA-master/login.php in the browser. FYI, the victim’s IP address is 192.168.247.132.


Thirdly, once you have set up the victim environment and placed the backdoor file (weevely.php) on the target server, go back to the attacker and enter the victim’s address and the backdoor PHP file together with the password, as shown below. After that, you will have successfully accessed the target machine.
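
Seen from the defending side, the file placed in the web folder in the steps above is a script that was never part of the deployed application, so comparing the web root against a baseline taken at deployment exposes it no matter how the file is named or obfuscated. The following is an added example, not code from the book or the original post; the file contents are constructed placeholders and the extension list is an assumption about the server configuration.

```python
import hashlib
import os
import tempfile

# Assumption: extensions this web server hands to the PHP interpreter.
SCRIPT_EXTS = (".php", ".phtml", ".phar")

def sha256_file(path):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(webroot):
    """Map relative path -> SHA-256 for every executable script under webroot."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            if name.lower().endswith(SCRIPT_EXTS):
                full = os.path.join(dirpath, name)
                manifest[os.path.relpath(full, webroot)] = sha256_file(full)
    return manifest

def audit_webroot(webroot, baseline):
    """Return (added, modified, removed) script paths relative to the baseline."""
    current = build_manifest(webroot)
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    return added, modified, removed

def demo():
    """Constructed scenario: a clean application tree, then one dropped script."""
    with tempfile.TemporaryDirectory() as webroot:
        for rel in ("login.php", "index.php"):
            with open(os.path.join(webroot, rel), "w") as handle:
                handle.write("<?php /* constructed placeholder page */ ?>\n")
        baseline = build_manifest(webroot)  # taken right after deployment
        with open(os.path.join(webroot, "weevely.php"), "w") as handle:
            handle.write("<?php /* stand-in for an uploaded file, no agent code */ ?>\n")
        with open(os.path.join(webroot, "login.php"), "a") as handle:
            handle.write("<?php /* constructed tampering */ ?>\n")
        return audit_webroot(webroot, baseline)

if __name__ == "__main__":
    added, modified, removed = demo()
    print("new scripts:", added)
    print("changed scripts:", modified)
    print("missing scripts:", removed)
```

In practice the baseline manifest is stored outside the web root, where the web server account cannot write, and the audit runs on a schedule.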

Chapter 7 : Penetration Testing Methodologies with BackBox
This chapter walks through penetration testing step by step, based on what we learned in the previous chapters:
1) Information gathering: collecting information about the target with the ‘host -a target.com’, whatweb, and ‘whois target.com’ commands.
2) Scanning: getting more useful information such as the OS environment, applications, and services with Nmap (Zenmap, its GUI) and OpenVAS to find vulnerabilities.
3) Exploitation: exploiting the vulnerabilities found in the previous step with MSF (Metasploit Framework).

Chapter 8 : Documentation and Reporting
Documentation and reporting, that is, creating human-readable content, is also necessary. It helps when making a BCP/DRP plan, verifying important assets, or setting up security rules for firewalls and IPS. MagicTree is designed to allow data consolidation, external command execution, and reporting.
