Kali Linux

AF-ShellHunter : Auto Shell Lookup

AF-ShellHunter its a script designed to automate the search of WebShell’s in AF Team

How To

pip3 install -r requirements.txt
python3 shellhunter.py –help

Basic Usage

You can run shellhunter in two modes

  • –url -u When scanning a single url
  • –file -f Scanning multiple URLs at once

Example searching webshell with burpsuite proxy, hiding string “404” with a size between 100 and 1000 chars

┌──(blueudp㉿xxxxxxxx)-[~/AF-ShellHunter]
└─$ python3 shellhunter.py -u https://xxxxxxxxxx -hs “404” -p burp –greater-than 100 –smaller-than 1000
Running AF-Team ShellHunt 1.1.0
URL: https://xxxxxxxxxx
Showing only: 200, 302
Threads: 20
Not showing coincidence with: 404
Proxy: burp
Greater than: 100
Smaller than: 1000
Found https://xxxxxxxxxx/system.php len: 881

File Configuration For Multiple Sites

phishing_list

#How to?
#set country block with [country], please read user_files/config.txt
#’show-response-code “option1” “option2″‘ -> show responses with those status codes, as -sc
#’show-string’ -> show match with that string, as -ss
#’show-regex’ -> show match with regex, as -sr
#use ‘not’ for not showing X in above options, as -h[option]
#’greater-than’ -> Show response greater than X, as -gt ( –greater-than )
#’smaller-than’ -> Show responses smaller than X, as -st ( –smaller-than )
#Example searching webshell with BurpSuite proxy. 302, 200 status code, not showing results w/ ‘página en mantenimiento’ with size between 100 and 1000 chars
[burp]
https://banco.phishing->show-response-code “302” “200”, not show-string “página en mantenimiento”, greater-than 100, smaller-than 1000
[noproxy]
banco.es-> # ShellHunt will add ‘http://

Setting Your Proxies And Custom Headers

config.txt

[HEADERS] # REQUESTS CUSTOM HEADERS, ADD ‘OPTION: VALUE’
User-Agent? Mozilla/5.0 (Linux; Android 8.0.0; SM-G960F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36
Referer? bit.ly/THIS_is_PHISHING # Bypass referer protection
[PROXIES]
burp? https://127.0.0.1:8080,http://127.0.0.1:8080

Other Features

  • Filter by regex
  • Filter by string
  • Filter by HTTP Status code
  • Filter by length
  • Custom Headers
  • Custom proxy or proxy block for URL file
  • Multithreading ( custom workers number )
Download
R K

Leave a Comment
Share
Published by
R K
Tags: AF-ShellHunterAuto Shell Lookup
4 years ago

Recent Posts

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

6 days ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

3 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

3 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

3 weeks ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

3 weeks ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

3 weeks ago