Shell Backdoor List - PHP / ASP Shell Backdoor List

What is a shell backdoor ? A backdoor shell is a malicious piece of code e.g. PHP, Python, Ruby that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files on the site, or upload their own. How to...

Input validation

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp...

PT-2019-6647

Name of the Vulnerable Software and Affected Versions vsftpd version 2.3.4 Description The issue concerns a backdoor in vsftpd that opens a shell on port 6200/tcp. This backdoor was present in versions of vsftpd 2.3.4 that were downloaded between 20110630 and 20110703. Recommendations For vsftpd...

Nagios < 4.2.4 - Local Privilege Escalation

!/bin/bash Source: https://legalhackers.com/advisories/Nagios-Exploit-Root-PrivEsc-CVE-2016-9566.html Nagios Core 4.2.4 Root Privilege Escalation PoC Exploit nagios-root-privesc.sh ver. 1.0 CVE-2016-9566 Discovered and coded by: Dawid Golunski dawidatlegalhackers.com https://legalhackers.com Foll...

Simple Backdoor Shell Remote Code Execution Exploit

This Metasploit module exploits unauthenticated simple web backdoor shells by leveraging the common backdoor shell's CMD parameter to execute commands. The SecLists project of Daniel Miessler and Jason Haddix has a lot of samples for these kind of backdoor shells which is categorized under...

Simple Backdoor Shell Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Simple Backdoor Shell Remote Code Execution', 'Description' = %q This module exploits unauthenticated simple web backdoor shells by...

phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILEMANAGER0729.txt Vendor: ================================ phpfm.sourceforge.net Product: ============================ phpFileManager version 0.9.8 Vulnerability Type:...

A serious Wordpress 0 day exploit reverse engineering analysis-vulnerability warning-the black bar safety net

In just the past weekend,I got from my modsecurity logs found an interesting warning,logging a submit to my Wordpress site with one network request. Although this request did not succeed,but I decided to be an in-depth study,and trying to figure out this request information in the end is what,it...

phpFileManager 0.9.8 Cross Site Request Forgery

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPFILEMANAGER0729.txt Vendor: ================================ phpfm.sourceforge.net Product: ============================ phpFileManager version 0.9.8 Vulnerability Type:...

phpFileManager 0.9.8 - Cross-Site Request Forgery

phpFileManager 0.9.8 - Cross-Site Request Forgery Exploit Title: CSRF Remote Backdoor Shell Google Dork: intitle: CSRF Remote Backdoor Shell Date: 2015-07-29 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: phpfm.sourceforge.net Software Link:...

phpFileManager 0.9.8 - Cross-Site Request Forgery

Exploit Title: CSRF Remote Backdoor Shell Google Dork: intitle: CSRF Remote Backdoor Shell Date: 2015-07-29 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: phpfm.sourceforge.net Software Link: phpfm.sourceforge.net Version: 0.9.8 Tested on: windows 7 SP1...

v2marketplacescript Upload_images Script (-7777) - Upload Shell Vulnerability

No description provided by source. ====================================================================== Uploadimages Script -7777 Upload Shell Vulnerability ======================================================================...

Free Image Hosting Script Arbitrary File Upload Vulnerability

No description provided by source. ============================================ Free Image Hosting Script Remote File Upload Vulnerability ============================================ Exploit Title: Free Image Hosting Script ALL VERSIONS Remote File Upload Vulnerability Date: 26/12/11 Author:...

Cacti <= 0.8.6d Remote Command Execution Exploit

No description provided by source. Note: This exploit contains backdoor shell code that is not located on this server. /str0ke !/usr/bin/perl Remote Command Execution Exploit for Cacti = 0.8.6d This exploit open a remote shell on the targets that uses Cacti TARGET HOST MUST BE A GNU/LINUX SERVER,...

HP Business Service Management 9.12 remote code execution vulnerability

Overview The HP Business Service Management HPBSM application contains a remote code execution vulnerability. Version 9.12 has been reported to be affected but other versions may also be affected. Description HPBSM uses the JBOSS application server. In the default configuration, HPBSM contains op...

@Mail Open webmail client contains multiple vulnerabilities

Overview The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type CWE-434, relative path traversal CWE-23, external control of file name or path CWE-73, and information exposure CWE-200. Description The @Mail Open 1.04 webmail...

SimogeoFilemanager Upload File Vulnerability

Exploit for php platform in category web applications RoxTeam Italian Hackers And Security Team 2012 Exploit Title: SimogeoFilemanager Upload File Vulnerability Date: 09/02/2012 Author: hack Author Email: RoxSecurityTeamatcomdothotmail.it Category: webapps Risk: Higt Vendor or Software Link:...

v2marketplacescript Upload_images Shell Upload

====================================================================== Uploadimages Script -7777 Upload Shell Vulnerability ====================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...

v2marketplacescript Upload_images Script (-7777) - Arbitrary File Upload

====================================================================== Uploadimages Script -7777 Upload Shell Vulnerability ====================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /...

Cacti 0.8.6d - Remote Command Execution

Cacti 0.8.6d - Remote Command Execution Note: This exploit contains backdoor shell code that is not located on this server. /str0ke !/usr/bin/perl Remote Command Execution Exploit for Cacti http://www.example.com/cacti/graphimage.php?localgraphid=validvalue&graphstart=%0acommand%0a Patch: downloa...