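Weevely obfuscated webshells combined with msf
Generation
We can see there are two parameters, corresponding to two ways of performing obfuscation. Let's try each of them.
Tidy up the code; we will analyze the obfuscation process later:
Exploitation
Upload the obfuscated webshell and connect to it; an interactive shell is returned.
Common commands: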
:audit_disablefunctionbypass Bypass disable_function restrictions with mod_cgi and .htaccess.
:audit_etcpasswd Read /etc/passwd with different techniques.
:audit_filesystem Audit the file system for weak permissions.
:audit_suidsgid Find files with SUID or SGID flags.
:audit_phpconf Audit PHP configuration.
:shell_php Execute PHP commands.
:shell_su Execute commands with su.
:shell_sh Execute shell commands.
:system_procs List running processes.
:system_info Collect system information.
:system_extensions Collect PHP and webserver extension list.
:backdoor_meterpreter Start a meterpreter session.
:backdoor_tcp Spawn a shell on a TCP port.
:backdoor_reversetcp Execute a reverse TCP shell.
:bruteforce_sql Bruteforce SQL database.
:file_read Read remote file from the remote filesystem.
:file_mount Mount remote filesystem using HTTPfs.
:file_touch Change file timestamp.
:file_cp Copy single file.
:file_bzip2 Compress or expand bzip2 files.
:file_clearlog Remove string from a file.
:file_rm Remove remote file.
:file_ls List directory content.
:file_find Find files with given names and attributes.
:file_upload Upload file to remote filesystem.
:file_upload2web Upload file automatically to a web folder and get corresponding URL.
:file_zip Compress or expand zip files.
:file_tar Compress or expand tar archives.
:file_edit Edit remote file on a local editor.
:file_webdownload Download an URL.
:file_download Download file from remote filesystem.
:file_gzip Compress or expand gzip files.
:file_grep Print lines matching a pattern in multiple files.
:file_cd Change current working directory.
:file_check Get attributes and permissions of a file.
:file_enum Check existence and permissions of a list of paths.
:sql_dump Multi dbms mysqldump replacement.
:sql_console Execute SQL query or run console.
:net_mail Send mail.
:net_phpproxy Install PHP proxy on the target.
:net_curl Perform a curl-like HTTP request.
:net_proxy Run local proxy to pivot HTTP/HTTPS browsing through the target.
:net_ifconfig Get network interfaces addresses.
:net_scan TCP Port scan.
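Linking up with msf: the principle is simply to bounce a connection back to msf again. This should work with any shell (the real focus is still msf's features and how to use them).
First, have msf listen on a port:
Use weevely's built-in module for a better reverse-connection experience: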