search

andresriancho / w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.
http://w3af.org/
4.59k stars 1.22k forks source link

Improve shell_handler.py (_get_file_list) to support multiple implementations #1926

Open andresriancho opened 10 years ago

andresriancho commented 10 years ago

The _get_file_list function in shell_handler.py only supports returning one implementation for each framework.

What I would like to be able to do is:

Once that is done, create two different PHP webshell implementations:

<?php
...
?>

And

<?
...
?>

Yes, that small change makes a whole lot of a difference in some cases.

andresriancho commented 10 years ago

One shell that I would also like to have is this tiny one: http://www.reddit.com/r/netsec/comments/220uhh/a_look_into_creating_a_truley_invisible_php_shell/cgiv9l0