Web Backdoor Compilation (wbc)
DK (http://michaeldaw.org)

Changelog

Date Change
24 Apr 07 Anti-Virus Capabilities (Work done by Dancho Danchev)
14 Apr 07 Version 1b (pre 1.2 release):
perlcmd.cgi,
cfexec.cfm,
cmdasp.aspx
Dec/06 Version 1 release.

I have collected some WEB backdoors in the past to exploit vulnerable file upload facilities
and others. I think a library like this may be useful in a variety of situations.

Understanding how these backdoors work can help security administrators
implement firewalling and security policies to mitigate obvious attacks.

The package includes:

Filename Contributer Anti-Virus Detection MD5 Risk
cmd-asp-5.1.asp Brett Moore Webwasher-Gateway 6.0.1/20070419 8baa99666bf3734c
bdfdd10088e0cd9f
HIGH
cmdasp.asp Maceo Authentium 4.93.8 04.14.2007
Avast 4.7.981.0 04.16.2007
BitDefender 7.2 04.16.2007
ClamAV devel-20070312 04.16.2007
DrWeb 4.33 04.16.2007
Ewido 4.0 04.16.2007
F-Prot 4.3.2.48 04.13.2007
F-Secure 6.70.13030.0 04.16.2007
Kaspersky 4.0.2.24 04.16.2007
Microsoft 1.2405 04.16.2007
Symantec 10 04.16.2007
VBA32 3.11.3 04.14.2007
Webwasher-Gateway 6.0.1 04.16.2007
57b51418a799d2d0
16be546f399c2e9b
Low
cmdasp.aspx Dominic Chell None 5e83b6ed422399de
04408b80f3e5470e
CRITICAL
cmdjsp.jsp Unknown None b815611cc39f17f05a
73444d699341d4
CRITICAL
jsp-reverse.jsp Tan Chew Keong None 8b0e6779f25a17f0
ffb3df14122ba594
CRITICAL
php-backdoor.php z0mbie AhnLab-V3 2007.4.19.1/20070419
AntiVir 7.3.1.53/20070419
Authentium 4.93.8/20070418
AVG 7.5.0.464/20070419
BitDefender 7.2/20070419
F-Prot 4.3.2.48/20070418
F-Secure 6.70.13030.0/20070419
Ikarus T3.1.1.5/20070419
Kaspersky 4.0.2.24/20070420
McAfee 5013/20070419
Microsoft 1.2405/20070419
NOD32v2 2205/20070419
Norman 5.80.02/20070419
VBA32 3.11.3/20070419
Webwasher-Gateway 6.0.1/20070419
AVG Free 8.0.233
2b5cb105c4ea9b5e
bc64705b4bd86bf7
Low
simple-backdoor.php David Kierznowski None f091d1b9274c881f
8e41b2f96e6b9936
CRITICAL
perlcmd.cgi David Kierznowski None 97ae7222d7f13e90
8c6d7f563cb1e72b
CRITICAL
cfexec.cfm Kurt Grutzmacher None bd04f47283c53ca0
ce6436a79ccd600f
CRITICAL

Note: readme.txt is also included in this package but not listed here.

If you have contributions please let me know so that I can add them into a later
release.

Download here.