Deface Page & Shell Finder in a Server

We Are Boss No Excuse Here Current time: 02-08-2014, 07:58 PM
[r007~m!n!]
Welcome back, r007~m!n!. You last visited: Today, 07:55 AM

    We Are Boss No Excuse Here
    Hacking & Security
    Tools & Equipment
    Deface Page & Shell Finder On Server


Thread OptionsNew Reply


Thread Rating:

    0 Votes - 0 Average
    1
    2
    3
    4
    5

Deface Page & Shell Finder On Server
02-01-2014, 12:08 AM
Post: #1
    local r00t
Member
**


Posts: 73
Joined: Jan 2014
Reputation: 1
Status: Offline
Thanks: 1
Given 3 thank(s) in 2 post(s)
Status: Offline
Deface Page & Shell Finder On Server
Hello world!

hi bro
I think it's still Private
up on your shell or server and run it
this can find shell and page daface on serve
PHP Code:
#!/bin/bash

export HISTFILE=/dev/null;
echo
echo -n "Search started at: "
date
find / -type f ( -name "*.htm" -o -name "*.html" -o -name "*.phtml" -o -name "*.php" -o -name "*.ll" -o -name "*.perl" -o -name "*.ssh" -o -name "*.php.dem" -o -name "*.pHp.dem" -o -name "*.js" -o -name "*.txt" -o -name "*.shtml" -o -name "*.py" -o -name "*.swt" -o -name "*.izri" -o -name "*.irzi" -o -name "*.php.jpg" -o -name "*.PHP" -o -name "*.php.jpeg" -o -name "*.php.gif" -o -name "*.sh" -o -name "*.cgi" -o -name "*.log" -o -name "*.pl" ) ! -iname "exploit-scanner.php" ! -iname "extra-strings.php" ! -iname "authorizenet_cc_[abc]im.php" ! -iname "chronocontact.html.php" ! -iname "view.html.php" ! -wholename "*/broken-link-checker/*" ! -wholename "*/wishlist-member/*" ! -wholename "*/supercache/*" ! -wholename "*/cache/*" -print0 | xargs -0 egrep -Hil '(GMJK\ Crew)|(fLasHcoM\ CpAnEl)|(FeeLCoMz)|(Bk-code\ shell)|(MaZaCrEw\ CpAnEl)|(VopCrew)|(fuckerboy)|(Cyber\ Crew\ Shell)|(OrigamiCrew)|(CyBeSteR)|(N3tsh_surl)|(\[\ bjork)|(COLUMBUSSheLL)|(c88sh)|(Crazy_Hacker)|(Fx29Sh)|(r57sh)|(c99sh)|(\!m  PLe\ SHeLL)|(web\ shell)|(PoWeReD\ BY\ GodFatheR)|(Webcomm\-Cr3w)|(O0O.maxx)|(Nigerian\ Spam\ Community)|(IcHig0)|(Modif\ by\ \:)|(Sincan2)|(EdianShell)|(Tiagow)|(PackBot)|(mass\.eMailer)|(MASS\ MAIL\!\!\!)|(FxID)|(Oishi\ Crew)|(DexQy-community)|(J4m35_B0nd)|(psyBNC)|(milw0rm)|(sUxCrew)|(\$c99)|(HackerBooty)|(ThOu  rOS)|(Chanary)|(ccpower\ \-config)|(cENxShell)|(bamby\.web\.id)|(autoversi.tcl)|(Defaced\ by)|(H4cked\ By)|(h4ck3d\ by)|(Fatihul\ Ulum)|(By\ TouchMoneY)|(Sender\ Mails)|(HacKer\ EgypT)|(rootshell\-team)|(SHELL\ FUCKER)|(Mailer\ by\ Albrim)|(FraNGky)|(Karaw4nghacK)|(\-\=ok\=\-)|(PHP\ IRC\ Bot)|(\[S\]uper\[BAD\])|(Emp3ror\ Undetectable)|(ByroeNet\ Team)|(Pitbull\ Bot)|(By\ racrew)|(Masss\ Defacer)|(Data\ Cha0s)|(webadmin\.php)|(Cyber\ One)|(xcrew\-\-)|(by\ ladusty)|(no\ malware\ on\ this\ code\,)|(SnL_ayaz_\/was_here)|(DONSHAQ\ Was\ Here)|(YoUngEST\ \-\ Mass\ Mailer)|(DoS\-Dz)|(devilzShell)|(By\ Shaun\$\$)|(patrao\ PHP)|(IndoIrc\ LCC)|(JaheeM\ Galaxy)|(Naija\ Boys\ Too\ Much)|(MulCiShell)|(Shell\ uploader\ By\ HalT)|(Shany\ was\ here)|(\[\"lol\"\])|(send\ evil\ code)|(Andre_Corleone)|(Upload\ fisier\:)|(Vrs-hCk)|(By\ Continue\ Crew)|(Phpshell)|(paraghcybernet)|(Database\ Scanner)|(\$\$haun\$\$)|(KecoaK)|(cow_revo)|(Fx29ID)|(bhlcrew)|(PHP\-Mailer)|(InboX\ Mass\ Mailer)|(ALL\-inbox\ Mailer)|(cPanel\ brute\ forcer)|(gblack\ Was\ Here)|(indoshell)|(eX\ Mortal)|(RawckerHeaD)|(SimAttacker)|(V.I.T.A.L.)|(zreg\ exploit)|(ReloaD\-X)|(dodol\ was\ here)|(eX\ was\ here)|(Codz\ by\ angel)|(cakill\ schumbag)|(Shevchenko)|(ONeTCr3w)|(Rengkong)|(yogyacarderlink\ Crew)|(\:\:\ Mailer\ Inbox\ \:\:)|(\-HackeR\-)|(Emoney\ \-\-)|(Goog1e_analist_certs)|(owned\ by\ c0d3d)|(UnixStats\ Mass\ MaiLer)|(Hacked\ By\ NHC)|(Bot\ Shell)|(Response\ CMD)|(\.\:\:\ Welcome\ \:\:\.)|(BARUKLINTHENG)|(\-\-\=\[\ genol\]\=\-\-)|(Upload\ GAGAL\ \!\!\!)|(by\ shegs35c)|(Dz-Gr33nF@TheR)|(Super\ Floooder)|(D4rk\ Cod3rs)|(PHP\ Bot\ \:\:)|(online\ hacker)|(SerCom\ CoLi)|(By\ Th3\-r4wKs)|(KingDefacer)|(living-tuerkei.de)|(By\ DurjanA)|(r1pp3rm4ya)|(Backdoor\ by\ RoCu)|(By\ Pejvaknuse)|(Spider\ PHP\ Shell)|(NeutroX\ CorP)|(ZaraByte\ File\ Uploader)|(DONEJE\ Was\ Here)|(Killer\ Hack)|(Simo64\ WebShell)|(Morocain\ checker)|(AKACHIMAILER)|(iMHaBiRLiGi\ PhpFtp)|(Andalas_oku)|(BlAcK\.JaGuAr)|(SUNT\ LA\ emailul)|(Hacker\ Indonesia)|(Thund3rC4sH)|(\$shell\ \=\ curl_exec)|(james0baster)|(\_860972539\_)|(MadeinChina)|(WordPress\ Inserter\ Links)|(phpRemoteView)|(Shell\ by\ aak)|(fullz\.result)|(\:\:xs86\-)|(gog1\=liTiTTT1Ti1I)|(Dr\.Timor)|(by\ r3v3ng4ns)|(By\ Iron\ Mask)|(B\ a\ n\ k\ l\ i\ n\ e)|(FODAX\ CORPORATION)|(Simple\ Shell)|(\:\ inb0x\ \:)|(Irc\.Allnetwork\.Org)|(\-234\-\ >)|(BY\ HaTeX)|(empixcrew)|(HTTP_SHELL)|(\$tds\ =\"http\:\/\/)|(95\.163\.66\.187)|(Powered\ By\ root\@localhost)|(BY\ kaMtiEz)|(by\ ChitoZz\_)|(By\ 2mibi)|(s0ul_p0w3r)|(KENNY\ WIZZY)|(DMaR\ AL\-TMiMi)|(\[vb\ Tools\])|(By\ SILVER\ FOX)|(Gaza\ Hacker\ Team)|(Symlink\ t00lz)|(Unit\-X\ Team)|(By\ DrZer0)|(DrZer0\ Hacker)|(Lagripe\-Dz)|(AbdullaH\ AL\-TAMiMi)|(\$v01b6e203)|(By\ \[\ Lkon)|(PHPJackal)|(sime\:site)|(\-CHA\$E\-)|(rush1ng)|(by\ LAMA)|(M1LH4S\ \-\ T4M)|(By\ Xadpritox)|(AndRy\ PNT)|(Ani\ Shell)|(\.\ Z190T\ \.)|(B\ Y\ M\ A\ G\ I\ C)|(H3xTeCh)|(Surrogafier)|(\$Ve8662315)|(By\ TeaM\ MosTa)|(raCrew\ ConnectBack)|(M0H4M3D\ 4M1N3)|(>HcJ\ <)|(By\ RAB3OUN)|(\#\ SA3D)|(by\ r3cogn1z3d)|(LEOMACS\ CRYPTOGRAPHIC\ CREW)|(aKpuMPiN)|(By\ kay8992)|(By\ DewaSpam)|(By\ TrYaG\.CC)|(Inbox\ Mailr)|(POwned\ BY) | (POwned\ BY\) | (ybhacker)|('filesman')|(By\ Newbie_Campuz)|(by\ bankonmoney4me)|(Crush\ Mailr)|(\-\ PHP\-Sender)|(netjackal\.by\.ru)'
echo
echo -n "Search completed at: "
date
echo

Reply Thanks  Quote Report


        New Reply


[-]
Quick Reply
Found an autosave (Restore AutoSave - Preview AutoSave - Remove AutoSave)

Possibly Related Threads...
Thread: Author  Replies:    Views:  Last Post
    Admin Panel Finder [PHP]    1337 Brain  0   1   01-08-2014 11:18 PM
Last Post: 1337 Brain


We Are Social
[Twitter]   [Facebook]   [Google]
    »  Help Document»  Return to Content»  Lite (Archive) Mode»  RSS Syndication
© 2013-14 ECF. [Contact Us]
Site Created MyBB. [Support Board]
Crefted by [{CMS} License]
    [Community Partner]