Categories
Penetration Testing Web Application Penetration Testing

PHP Backdoor Hookworm Stealth

HookWorm Stealth is an old PHP Backdoor just like c99Shell created by Justin Klein Keane as Proof of concept.

HookWorm Stealth provides less features than c99Shell but it’s activity can’t be track easily like c99Shell. it uses Cookies to leave no TRACE in Web server access log.

HookWorm Stealth PHP Backdoor Features :

  • Find .htaccess
  • Find open ports on remote system
  • Search for writable files or directories
  • and many more.

Download HookWorm Stealth fromĀ  http://www.madirish.net/sites/default/files/hookworm.php.tar.gz

When you get access of remote web server SHELL, the access log of web server will throw /index.php 200 OK status code that’s a normal good HTTP request.

To read further about HookWorm Stealth, go to the author blog