Some PHP (+1sh,1 undecompiled jar) shell and etc scripts

vxunderground / MalwareSourceCode

Collection of malware source code for a variety of platforms in an array of different programming languages.

https://vx-underground.org

15.43k stars 1.72k forks source link

Some PHP (+1sh,1 undecompiled jar) shell and etc scripts #70

Open DartPower opened 1 year ago

DartPower commented 1 year ago

Some PHP (+1sh,1 undecompiled jar) shell and etc scripts

Contains some "salted base64" encoded scripts, shell source code and two another files: sh and jar. (needs to decomp i think, but maybe unuseful because have a public(maybe) maven info, but maybe this is "invisible" some i think)

I think 50%-100% of this archive is really need to add, also if you will decomp jar and decode the encryped PHP scripts. But some scripts not encrypted

Password: infected SomePHP_pass_infected.zip

theanonhackuk commented 1 year ago

Hey DartPower, I have decompiled your jar script and I saw it have a variable named 'EvercookieExploit.payload' which i haven't understand what it exactly do, could you explain me more what does the jar file do? Thanks -T

DartPower commented 1 year ago

i found it on some from "git exposed" site dumps

vxunderground commented 12 months ago

Will review it. Thanks