Jatayu : Stealthy Stand Alone PHP Web Shell

JATAYU a Stealthy Stand Alone PHP Web Shell .

FEATURES

Http Header Based Authentication.
100% Undetectable.
Exec Function Changer.
Nothing Fancy

USAGE

GET /test/jatayu.php?fn=1&&cmd=whoami
Host : http://test.com
Authtoken : bb3b1a1f-0447-42a6-955a-88681fb88499

FUNCTIONS

PARAMETER	FUNCTION
fn=1	Calls function shell_exec()
fn=2	Calls function system()
cmd=id	Executes command

GENERATE AUTHTOKEN

php
$r = unpack(‘v*’, fread(fopen(‘/dev/random’, ‘r’),16));
$apiKey = sprintf(‘%04x%04x-%04x-%04x-%04x-%04x%04x%04x’,
$r[1], $r[2], $r[3], $r[4] & 0x0fff | 0x4000,
$r[5] & 0x3fff | 0x8000, $r[6], $r[7], $r[8]);
echo $apiKey;
?>

Download

R K

Next Scylla : The Simplistic Information Gathering Engine »

Previous « Chain-Reactor : An Open Source Framework For Composing Executables

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

13 hours ago

Malware

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

13 hours ago

Cyber security

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

3 days ago

Hacking Tools

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Hacking Tools

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

Cyber security

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago