Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

AntSword Backdoor Detection

By kannthu

Critical
Vidoc logoVidoc Module
#backdoor#antsword
Description

What is the "AntSword Backdoor Detection?"

The "AntSword Backdoor Detection" module is designed to detect the presence of a backdoor shell in an AntSword application. AntSword is a software used for penetration testing and ethical hacking. The severity of this detection is classified as critical, indicating a high level of risk if a backdoor is found. The original author of this module is ffffffff0x.

Impact

If a backdoor shell is discovered in an AntSword application, it can pose a significant security risk. Backdoors allow unauthorized access to a system, potentially leading to data breaches, unauthorized modifications, and further exploitation of the compromised system.

How the module works?

The "AntSword Backdoor Detection" module works by sending an HTTP POST request to the path "/.antproxy.php" and checking for specific conditions in the response. The request includes a header with the content type set to "application/x-www-form-urlencoded". The module uses two matching conditions to determine if a backdoor shell is present:

    - The body of the response must contain the word "951d11e51392117311602d0c25435d7f". - The status code of the response must be 200.

If both conditions are met, the module reports the presence of a backdoor shell in the AntSword application.

Reference:

- https://github.com/AntSwordProject/AntSword-Labs/tree/master/bypass_disable_functions/9

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST/.antproxy.php
Headers

Content-Type: application/x-www-fo...

Matching conditions
word: 951d11e51392117311602d0c25435d7fand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability