Nytro Posted December 6, 2011 Report Posted December 6, 2011 [Web Backdoors][Attack, Evasion and Detection][fb1h2s aka Rahul Sasi]Meet Us at http://www.Garage4Hackers.com FB1H2SAbstract: This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. Paper explains few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.This paper is mainly an update for an old paper of ours Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysis of a couple of web shells. Current paper takes this topic further and explains a couple of methodologies that could be used to make stealth application layer backdoors using web scripting languages .This paper explains various Web Backdoor attacks and evasion techniques that could be used to stay undetected .Download:http://dl.packetstormsecurity.net/papers/general/web_backdoors_evasion_detection.pdf Quote
