mirror of
https://github.com/tennc/webshell
synced 2024-11-10 05:44:11 +00:00
Create create_code_with_xor.py
create some code for php xor to bypass safedog from : https://www.sqlsec.com/2020/07/shell.html#toc-heading-24
This commit is contained in:
parent
105f3ed358
commit
e864fcd511
1 changed files with 59 additions and 0 deletions
59
php/create_code_with_xor.py
Normal file
59
php/create_code_with_xor.py
Normal file
|
@ -0,0 +1,59 @@
|
|||
#!/usr/bin/env python3
|
||||
# -*- coding: utf-8 -*-
|
||||
# name: yihuo.py
|
||||
# http://www.opensource.org/licenses/mit-license
|
||||
# MIT License
|
||||
# from: https://www.sqlsec.com/2020/07/shell.html#toc-heading-24
|
||||
# Copyright (c) 2020
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to deal
|
||||
# in the Software without restriction, including without limitation the rights
|
||||
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
# copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be included in all
|
||||
# copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
# SOFTWARE.
|
||||
|
||||
import string
|
||||
from urllib.parse import quote
|
||||
|
||||
keys = list(range(65)) + list(range(91, 97)) + list(range(123, 127))
|
||||
results = []
|
||||
for i in keys:
|
||||
for j in keys:
|
||||
asscii_number = i ^ j
|
||||
if (asscii_number >= 65 and asscii_number <= 90) or (asscii_number >= 97 and asscii_number <= 122):
|
||||
if i < 32 and j < 32:
|
||||
temp = (
|
||||
f'{chr(asscii_number)} = ascii:{i} ^ ascii{j} = {quote(chr(i))} ^ {quote(chr(j))}', chr(asscii_number))
|
||||
results.append(temp)
|
||||
elif i < 32 and j >= 32:
|
||||
temp = (
|
||||
f'{chr(asscii_number)} = ascii:{i} ^ {chr(j)} = {quote(chr(i))} ^ {quote(chr(j))}', chr(asscii_number))
|
||||
results.append(temp)
|
||||
elif i >= 32 and j < 32:
|
||||
temp = (
|
||||
f'{chr(asscii_number)} = {chr(i)} ^ ascii{j} = {quote(chr(i))} ^ {quote(chr(j))}', chr(asscii_number))
|
||||
results.append(temp)
|
||||
else:
|
||||
temp = (f'{chr(asscii_number)} = {chr(i)} ^ {chr(j)} = {quote(chr(i))} ^ {quote(chr(j))}', chr(asscii_number))
|
||||
results.append(temp)
|
||||
results.sort(key=lambda x: x[1], reverse=False)
|
||||
for low_case in string.ascii_lowercase:
|
||||
for result in results:
|
||||
if low_case in result:
|
||||
print(result[0])
|
||||
for upper_case in string.ascii_uppercase:
|
||||
for result in results:
|
||||
if upper_case in result:
|
||||
print(result[0])
|
Loading…
Reference in a new issue