Creating a webshell implemented as a module for Apache HTTP Server

The Apache HTTP Server, also called the Apache daemon or just Apache, is a free web server created in 1995 by a group of developers at NCSA, based on the NCSA HTTPd web server created by Rob McCool.

The idea for the name came from the Apache Indians, a Na-Dene ethnic group and one of the native peoples of the United States. They speak the Apache language and currently inhabit Indian reservations in the southwestern United States.

Backdoor malware is a type of malware that bypasses normal authentication procedures to access a system. In other words, it is a way of allowing cybercriminals to access computers remotely.

With that access it is possible to reach resources within an application, such as databases and file servers, and even to run system commands.

Backdoor programs, it is worth remembering, can be installed in both software and hardware components. In addition, they can be spread via malicious apps on mobile and smart devices (such as smartwatches).

Apache is highly customizable and it has a module-based structure. These modules allow server administrators to enable or disable new features.

Apache has modules for security, caching, URL rewriting, password authentication and more. To create a module-implemented webshell we obviously need to create a module with our malicious code.

Since we will be using C we need to (obviously) include headers, but the only libc headers we will be using are stdio.h and stdlib.h; Apache has its own headers!

After adding the headers we have to create the function to execute commands (h4x0r alert).

Now just register the Apache hooks using the ap_hook_handler() function.

Now we have to compile the module and restart HTTPd. We can do this using the commands:

$ apxs -i -a -c leet.c
$ service apache2 restart
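
The apxs flags above install the shared object (-i) and activate it by adding a LoadModule directive (-a), so a module planted this way shows up in the server configuration. The following audit is an added example, not part of the original post: it flags LoadModule directives missing from an approved baseline; the baseline contents, the sample config and the name leet_module are constructed assumptions.

```shell
#!/bin/sh
# Added defensive example: flag LoadModule directives that are not on an
# approved baseline. All sample data below is constructed.

# list_loaded_modules FILE...
# Prints "identifier<TAB>path" for every active (uncommented) LoadModule line.
list_loaded_modules() {
    awk '
        { sub(/^[ \t]+/, "") }        # directives may be indented
        /^#/ { next }                 # skip commented-out directives
        tolower($1) == "loadmodule" && NF >= 3 { print $2 "\t" $3 }
    ' "$@"
}

# find_unapproved BASELINE FILE...
# BASELINE holds one approved module identifier per line.
find_unapproved() {
    baseline=$1
    shift
    list_loaded_modules "$@" | awk -F '\t' -v base="$baseline" '
        BEGIN { while ((getline line < base) > 0) ok[line] = 1 }
        !($1 in ok)
    '
}

# demo: run the audit over a constructed config and baseline.
# "leet_module" and its path are assumed sample values, not real output.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' authz_core_module mpm_event_module rewrite_module > "$tmp/baseline"
    cat > "$tmp/httpd.conf" <<'EOF'
# LoadModule status_module modules/mod_status.so
LoadModule authz_core_module modules/mod_authz_core.so
    loadmodule rewrite_module modules/mod_rewrite.so
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule leet_module /usr/lib/apache2/modules/leet.so
EOF
    find_unapproved "$tmp/baseline" "$tmp/httpd.conf"
    rm -rf "$tmp"
}

demo
```

On a real server, pass every file the main configuration includes, and check each flagged path against the package database (for example with dpkg -S or rpm -qf).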