weevely混淆webshell联动msf

qq_45449318

于 2021-06-15 17:27:04 发布

阅读量489

点赞数 2

分类专栏： PHPwebshell混淆与深度利用

本文链接：https://blog.csdn.net/qq_45449318/article/details/117923692

版权

PHPwebshell混淆与深度利用专栏收录该内容

1 篇文章 0 订阅

订阅专栏

weevely混淆webshell的联合msf
生成
在这里插入图片描述
可以看到有两个参数，分别对应着进行混淆的两种方式。我们分别来试一下

整理一下代码稍后分析下混淆过程：

利用
将混淆后的webshell进行上传，并进行连接，会传回一个交互式的shell

常用命令：

 :audit_disablefunctionbypass  Bypass disable_function restrictions with mod_cgi and .htaccess.     
 :audit_etcpasswd              Read /etc/passwd with different techniques.                          
 :audit_filesystem             Audit the file system for weak permissions.                          
 :audit_suidsgid               Find files with SUID or SGID flags.                                  
 :audit_phpconf                Audit PHP configuration.                                             
 :shell_php                    Execute PHP commands.                                                
 :shell_su                     Execute commands with su.                                            
 :shell_sh                     Execute shell commands.                                              
 :system_procs                 List running processes.                                              
 :system_info                  Collect system information.                                          
 :system_extensions            Collect PHP and webserver extension list.                            
 :backdoor_meterpreter         Start a meterpreter session.                                         
 :backdoor_tcp                 Spawn a shell on a TCP port.                                         
 :backdoor_reversetcp          Execute a reverse TCP shell.                                         
 :bruteforce_sql               Bruteforce SQL database.                                             
 :file_read                    Read remote file from the remote filesystem.                         
 :file_mount                   Mount remote filesystem using HTTPfs.                                
 :file_touch                   Change file timestamp.                                               
 :file_cp                      Copy single file.                                                    
 :file_bzip2                   Compress or expand bzip2 files.                                      
 :file_clearlog                Remove string from a file.                                           
 :file_rm                      Remove remote file.                                                  
 :file_ls                      List directory content.                                              
 :file_find                    Find files with given names and attributes.                          
 :file_upload                  Upload file to remote filesystem.                                    
 :file_upload2web              Upload file automatically to a web folder and get corresponding URL. 
 :file_zip                     Compress or expand zip files.                                        
 :file_tar                     Compress or expand tar archives.                                     
 :file_edit                    Edit remote file on a local editor.                                  
 :file_webdownload             Download an URL.                                                     
 :file_download                Download file from remote filesystem.                                
 :file_gzip                    Compress or expand gzip files.                                       
 :file_grep                    Print lines matching a pattern in multiple files.                    
 :file_cd                      Change current working directory.                                    
 :file_check                   Get attributes and permissions of a file.                            
 :file_enum                    Check existence and permissions of a list of paths.                  
 :sql_dump                     Multi dbms mysqldump replacement.                                    
 :sql_console                  Execute SQL query or run console.                                    
 :net_mail                     Send mail.                                                           
 :net_phpproxy                 Install PHP proxy on the target.                                     
 :net_curl                     Perform a curl-like HTTP request.                                    
 :net_proxy                    Run local proxy to pivot HTTP/HTTPS browsing through the target.     
 :net_ifconfig                 Get network interfaces addresses.                                    
 :net_scan                     TCP Port scan.

在这里插入图片描述

进行msf联动，原理就是再反弹到msf。所有shell应该都可以（重点还是msf的功能项和使用）
先用msf监听一个端口：
在这里插入图片描述
运用weevely自带的模块进行更好的反弹体验：

qq_45449318

关注

2
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
weevely混淆webshell联动msf

weevely混淆webshell的联合msf生成可以看到有两个参数，分别对应着进行混淆的两种方式。我们分别来试一下整理一下代码稍后分析下混淆过程：利用将混淆后的webshell进行上传，并进行连接，会传回一个交互式的shell常用命令： :audit_disablefunctionbypass Bypass disable_function restrictions with mod_cgi and .htaccess. :audit_etcpasswd
复制链接

扫一扫