December 26, 2012 at 9:22 pm #8099S0j@@nParticipant
WSO is a PHP shell backdoor that provide an interface for various remote operations. It can perform everything from remote code execution, bruteforcing of servers, provide server information, and more.
Download (packetstorm) Link :
Authorization for the cookies
File manager (copy, rename, move, delete, chmod, touch, create files and folders)
View, hexview, editing, downloading, uploading files
Working with zip archives (packing, unpacking) + compression tar.gz
SQL Manager (MySql, PostgreSql)
Execute PHP code
Working with Strings + hash search online databases
Bindport and back-Connect (Perl)
Bruteforce FTP, MySQL, PgSQL
Search files, search text in files
Support for * nix-like and Windows systems
Antipoiskovik (check User-Agent, if a search engine then returns 404 error)
You can use AJAX
Small size. Packaged version is 22.8 Kb
The choice of encoding, which employs a shell.
Remove comments from the first line .
Added option to dump certain columns of tables.
the size of large files are now well defined .
in the file properties field “Create time” changed to “Change time” (http://php.net/filectime).
Fixed a bug that caused not working mysql brute force if there was a port of the server .
Fixed a bug due to which one can not see the contents of a table called download in the database.
Youtube link :
December 26, 2012 at 9:31 pm #51288hayabusaParticipant
Thanks. Saw it before, but hadn’t played with it, yet… Will add to my list, now that I have some free cycles.
Some other web / php shells that may come in handy:
*** NOTE *** – As always, test and feel comfortable that a given web / php shell isn’t doing something behind the scenes, before using it in a mission-critical / production/ customer’s environment.
December 26, 2012 at 10:39 pm #51289
You must be logged in to reply to this topic.