-
## key points:
- spoke.py tool for squid (https://book.hacktricks.xyz/network-services-pentesting/3128-pentesting-squid)
- MYSQL: ` SELECT "" into OUTFILE ""`
-
This looks for a php variable function call like $my_function($something); using the following regex:
/\$[a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff\[\]'"]{0,20}\s{0,20}\(\$/
The main problem is that i…
-
Link to the tool: https://... (minimum 1 required):
[link] https://github.com/splunk/ShellSweep [/link]
List of tags separated by comma: tag1,tag2,tag3... (required):
[tags] webshell [/tags]
…
-
https://github.com/moses-smt/mosesdecoder/blob/master/contrib/iSenWeb/trans_result.php
poc: input1=;ls
-
when i rexcute the exp, and then reboot server, the webshell will be rewrited.
how can i cancel it?
-
Hi,
I stumbled upon a reverse jsp shell and the generic rule for jsp webshells `WEBSHELL_JSP_Generic` returns a false positive due to the nature of the reverse shell.
Changing this:
```
and (
…
-
我们也在开发webshell,但是发现一个问题,如果在容器内退出之前没有用exit这种退出,会残留/bin/bash进程在容器内,容器再次重启或者滚动升级有一定概率无法正常终止容器,产生僵尸进程, 您那边有遇到过类似问题吗?容器启动是用tini, 暂时的解决方法是每次用户关闭websocket连接我们会给容器内发送exit回车命令, 僵尸进程的解决方案是重启docker服务 杀死僵尸进程,否者节点…
-
https://www.bleepingcomputer.com/news/security/chemical-facilities-warned-of-possible-data-theft-in-cisa-csat-breach/
"CISA is warning that its Chemical Security Assessment Tool (CSAT) environment …
-
when you are in the background,you can upload a php file to get webshell。
![1](https://user-images.githubusercontent.com/20952461/160783823-2846c3ce-5400-4a21-82c7-cc9402a43a7d.png)
![2](https://us…
-
Hi.
I Need ASP OR ASPX webshell only size 5k.
Upload File and CMD And Make User Account Auto.
Thanks.