Offensive Sec Blog

Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Sunday, January 10, 2016

DAws - Advanced Web Shell

           ,       No comments    

About

There's multiple things that makes DAws better than every Web Shell out there:

º Bypasses Security Systems using various methods.
º Drops CGI Shells and communicate with them to bypass Security Systems.
º Uses the SSH Authorized Keys method to bypass Security Systems.
º Uses Shellshock to bypass Security Systems.
º Is completely Post Based and uses a XOR Encryption based on a random key that gets       generated with every new session + private base64 functions to bypass Security Systems.
º Supports Windows and Linux.
º Find a writeable and readable directory and moves there if it's a web directory.
º Drops a php.ini and a .htaccess file that clears all disablers incase "suphp" was installed.
º Has an advanced File Manager
º Mostly everything is done automatically (when it comes to command or script execution)



Credits:

º dotcppfile
º Aces who helped me code the old version of DAws
º Vedu for checking and reporting bugs.


     
Share:

0 comentários:

Post a Comment

Note: Only a member of this blog may post a comment.

Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition