Pranaam to all bhai ji _/\_
Today i am going to share a script which help in bypassing mod security scanning during php shell upload .
if mod security module is blocking your php shell when you are trying to upload it to gain access on server , this script will help you bypassing this shit :P
ok
here is the screen shot of the script
here is the download link :-
--==[[ http://www.mediafire.com/download/231p6a7ecusqy9x/ethicalnoob.php ]]==--
Script mechanism is
1.run this script on your machine
2.paste your shell code in the text area and type a name with which you want to
generate php file which will contain your shell code
bydefault its ica.php, you can type your's one and click on "chall billu" button :P
3. script will print a message in which it will say that bypassing shell has been generated and you will get a file in the same directory with name you defined , like i am generating bypassing shell with name ica.php
4.we will use newly genarated bypassing shell to bypass mod security , as i have already told that bypasser php file will contain hacking shell code inside it
so we will upload this bypasser shell on server to bypass mod security scanning and after uploading bypasser shell we can generate our shell on server :P
5.after uploading bypasser shell , access it and generate your shell on server .
you have to specify with which name you want to generate you shell. you can generate your shell as many time as you want :)
6.access your shell and enjoy :)
Note:- please dont upload ethicalnoob.php on server for generating shell :P . its batter to use script on your local machine and generate bypasser shell and upload that script on server else you may face such type of error .
http://www.mediafire.com/download/bahnr9tery9jftc/ica.php
so here is the procedure , i am explaining using screen shots
open ethicalnoob.php script and paste your shell code in text area,type your bypasser shell name (i am going to generate bypasser shell with name ica.php)
i would recommend to use shell encoded in any kind of php encoding
click "chall billu" button and you will get screen like this
bypasser shell has been generated. ica.php is the php file which we will use in bypassing mod security file scanning for shell upload.
ica.php contains you shell code and has capability to bypass mod security scanning mechanism .
upload it on server , open ica.php. you will get like this ;)
ok , once your bypasser shell has been uploaded on server , its time to generate your shell XD
type shell name in input box where line "Generate 5h3ll with name ==>" written
bydefault its noob.php and click on "click to generate 5h3ll" button
your shell will be generated in the same directory with name you specified and you can access it ;) (mine shell name is noob.php)
for example, i has bypasser on a server and its location is
lab.com/ica/ei.php
shell location will be
lab.com/ica/noob.php
note:- you can generate shell again and again using ica.php :P antivirus or scanner wont be able to detect it ;)
and game over =))
your shell is on server
if still you face problem regarding shell detection by mod_security , message me on facebook
https://www.facebook.com/manish1046
enjoy
and thank you :)
Greetz to :-
Zero cool ,code breaker ica, Aasim shaikh,Reborn, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,Hardeep bhai,Mannu,Viki , AR AR bhai ji, Anju and Deepika kaushik
0 comments