sanyasi shell, mod_security bypasser by Team IndiShell

Pranaam to all bhai ji _/\_
First of all special thanks nd warm hugs to Hardeep bhai and Aasim bhai ji <3 (for his valuable suggestions which helps me to solve out mod_security issue )
me back , with one of my Favorite topic, Mod_security my endless love ............... <3
yessss , here goes one script that will help in bypassing  mod_security module security when you have shell wordpress website and your shell is in uploads directory and trying to upload other shell on server , in that case mod_security will block it :P
this code will help you , when you are trying to upload shell more then size 1 kb and server drop connection
in that case this code will bypass that shit and you will get shell on server 8-)

so lets start how to use this code ;)

here is the download link for tha script
sanyasi shell

you will heave to do only 2 things , upload your php shell on another server with .txt extension
like this

in line number 18, put your shell link  in between  " " (where this is written ->  file_get_contents("  ") )
for example, if your shell is hosted on other server with link ->  owned.com/shell.txt
line number 18 will be like this

ok now just need to define the shell generation location and its name too
like, you want to generate your shell in directory /home/website/public_html with name rr.php
so you will need to put this /home/user/public_html/rr.php
you can get path link from your shell which is getting block by mod_security :P
so lets back to code
in line number 19, replace text "location of file" with "home/user/public_html/rr.php"
like this

ok save it and upload it to the server where you are getting mod_security issue
once your shell got uploaded outside the uploads directory , you will be able to perform other task easily
so, lets take down this and get a shell with full power 8-)
i uploaded this php code using vulnerable  theme and script got upload in directory  wp-content/uploads/2014/04/
as i opened  this script , it fetched shell from remote server and generated shell in public_html directory with name rr.php

now , your shell  has been generated and it is outside the uploads directory, fU** down server like a cheap shit  :P because your shell will be free from many restriction like command execution and all
and its my recommendation not to use b374k shell :(
so ......... this was about this code which is very kiddish but works like a killer when mod_security try to put shit during your work :P

To dear mod_security development Team:- you can kiss my A** .
With Love from <3 Team Indishell <3
Feel free to comment if you face any problem regarding this script ;)

-==[[Greetz to]]==--
Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell,Reborn India,L0rd Crus4d3r,cool toad,cool shavik,Hackuin,Alicks,Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoo,cyber warrior,Neo hacker ICA,Suriya Prakash,cyber gladiator,Cyber Ace, Golden boy INDIA,Ketan Singh,The creator,Yash,Aneesh Dogra,AR AR,saad abbasi,hero,Minhal Mehdi ,Raj bhai ji , Hacking queen ,lovetherisk,brown suger and rest of TEAM INDISHELL
--==[[Love to]]==--
# My Father , my Ex Teacher,cold fire hacker,Mannu, ViKi ,Ashu bhai ji,Soldier Of God, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand ,Budhaoo,anju,don and acchi bacchi(J.S),Inu and pal bhaisaab <3
--==[[Interface Desgined By]]==--
GCE College ke DON :D (deepika kaushik)

Share this post


  1. bhai ji , do you have any method to bypass mod security sqli ?


:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

© 2009 Start With Linux | Mannu Linux
Designed by cyb3r.gladiat0r
Posts RSSComments RSS
Back to top