[php] wso 2.5.1

This topic contains 2 replies, has 3 voices, and was last updated by  dynamik 6 years, 8 months ago.

  • Author
    Posts
  • #8099
     S0j@@n 
    Participant

    WSO is a PHP shell backdoor that provide an interface for various remote operations. It can perform everything from remote code execution, bruteforcing of servers, provide server information, and more.

    Download (packetstorm) Link :

    http://packetstormsecurity.org/files/117974/WSO-Web-Shell-2.5.1.html

    Features:
    Authorization for the cookies
    Server Information
    File manager (copy, rename, move, delete, chmod, touch, create files and folders)
    View, hexview, editing, downloading, uploading files
    Working with zip archives (packing, unpacking) + compression tar.gz
    Console
    SQL Manager (MySql, PostgreSql)
    Execute PHP code
    Working with Strings + hash search online databases
    Bindport and back-Connect (Perl)
    Bruteforce FTP, MySQL, PgSQL
    Search files, search text in files
    Support for * nix-like and Windows systems
    Antipoiskovik (check User-Agent, if a search engine then returns 404 error)
    You can use AJAX
    Small size. Packaged version is 22.8 Kb
    The choice of encoding, which employs a shell.

    Changelog (v2.5.1):
    Remove comments from the first line .
    Added option to dump certain columns of tables.
    the size of large files are now well defined .
    in the file properties field “Create time” changed to “Change time” (http://php.net/filectime).
    Fixed a bug that caused not working mysql brute force if there was a port of the server .
    Fixed a bug due to which one can not see the contents of a table called download in the database.

    Youtube link :

    https://www.youtube.com/watch?v=MreAwLEXK_E
  • #51288
     hayabusa 
    Participant

    Thanks.  Saw it before, but hadn’t played with it, yet…  Will add to my list, now that I have some free cycles.

    Some other web / php shells that may come in handy:

    http://www.sh3ll.org/

    *** NOTE *** – As always, test and feel comfortable that a given web / php shell isn’t doing something behind the scenes, before using it in a mission-critical / production/ customer’s environment.

  • #51289
     dynamik 
    Participant

    Another nice collection here: http://laudanum.inguardians.com/

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?