WebBackdoors , Attack, Evasion and Detection:

Abstract: This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. Paper explains few techniques that could be used to render undetectable and unnoticed backdoor inside web applications.
This paper is mainly an update for an old paper of ours Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysis of a couple of web shells. Current paper takes this topic further and explains a couple of methodologies that could be used to make stealth application layer backdoors using web scripting languages .This paper explains various Web Backdoor attacks and evasion techniques that could be used to stay undetected .


Web Application Backdoors:

They are simple scripts built using web applications programs that would serve an attacker as a backdoor to the application hosting environment.
Detection Methods [Signature Based Detection]
In this technique the Antivirus software’s need to have the signature of the Backdoor, and for that the companies should already have had a copy of the backdoor for analyzing.

Download this  Paper : http://www.garage4hackers.com

Advertisements

2 Comments

  1. cake
    Okay post, but not the best Ive seen exactly. You should step it up or kake will eat your position.

  2. I am very happy to read this. This is the kind of info that needs to be given and not the accidental misinformation that’s at the other blogs. Appreciate your sharing this greatest doc.


Sorry, the comment form is closed at this time.

Comments RSS