WatchTowr Labs has hijacked over 4,000 unique web backdoors by acquiring abandoned domains for as little as $20, allowing tracking of compromised hosts.
This hijacking allowed us to track compromised hosts as they 'reported in,' giving us power to commandeer and control these compromised hosts.
The backdoors vary from simple web shells executing commands to sophisticated tools like China Chopper, c99shell, and r57shell enabling extensive exploitation.
Some web shells were backdoored by maintainers, leaking their deployment locations and inadvertently providing valuable insights to those monitoring the compromised infrastructure.
Collection
[
|
...
]