
5 Ways to Backdoor a Linux System

ice-wzl
Aug 15, 2021

You've spent the time and effort gaining access to a Linux system; now let's make sure we maintain it. Today, we're going to cover various ways to backdoor Linux systems and maintain persistence. Some are fairly well known, while others are slightly more subtle. Each situation is different, so it is at your discretion which to use.

Note: This was all conducted in a lab environment, and I implore you to do the same.

Method 1: PHP Backdoors

Many Linux systems have Apache running and hosting some form of web application. Even if it is not running, you have the option to start it (root required) with the command:

systemctl start apache2

Whether it was already started or you manually brought the service up, you have the option of taking a web shell and placing it in the webroot directory, which is located at:

/var/www/html

I have included links to some of my favorite web shells, but feel free to use your own.
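Seen from the defending side, a web shell placed in the webroot shows up as a new or changed PHP file that passes request input to a command-execution function. The following is an added example, not code from the original article: a small Python scanner that flags such files, where the function names, the baseline timestamp and the sample files are all assumptions constructed for illustration.

```python
import os
import re
import tempfile
import time

# PHP functions that run code or OS commands (assumed, non-exhaustive list).
SINKS = re.compile(
    rb"\b(eval|assert|system|exec|shell_exec|passthru|popen|proc_open)\s*\(", re.I)
# Superglobals that carry attacker-controlled request data.
SOURCES = re.compile(rb"\$_(GET|POST|REQUEST|COOKIE|SERVER)\b")
PHP_EXT = (".php", ".phtml", ".php5", ".phar")


def scan_webroot(root, baseline_epoch):
    """Return {relative_path: [reasons]} for PHP files worth reviewing."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(PHP_EXT):
                continue
            path = os.path.join(dirpath, name)
            reasons = []
            with open(path, "rb") as fh:
                data = fh.read(1_000_000)  # cap how much of each file is read
            if SINKS.search(data) and SOURCES.search(data):
                reasons.append("exec sink with request input")
            if os.stat(path).st_mtime > baseline_epoch:
                reasons.append("modified after baseline")
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings


def demo():
    """Scan a constructed webroot; both sample files are made up."""
    with tempfile.TemporaryDirectory() as root:
        baseline = time.time() - 3600  # pretend the last deploy was an hour ago
        samples = {
            "index.php": b"<?php echo 'hello'; ?>",
            "uploads/img.php": b"<?php system($_GET['c']); ?>",
        }
        for rel, body in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(body)
        # Backdate the legitimate file so only the dropped file is "new".
        os.utime(os.path.join(root, "index.php"), (baseline - 86400,) * 2)
        return scan_webroot(root, baseline)
```

On a real host, pass `/var/www/html` and the epoch time of the last known-good deployment; a pattern match alone is only a lead for review, since legitimate applications also call these functions.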
