Skip to content

Releases: cseroad/Webshell_Generate

Webshell Generate 1.2.4

04 Mar 02:41
@cseroad cseroad
v1.2.4
02edc63
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Webshell Generate 1.2.4 Latest
Latest
  • 优化部分代码免杀
  • jsp部分通过OrderClassLoaders类调用defineClass方法
Assets 3
Loading

Webshell Generate 1.2.3

19 Jun 03:10
@cseroad cseroad
v1.2.3
e6b0ca8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Webshell Generate 1.2.3

1、优化部分免杀代码
2、支持特殊字符密码

Assets 3
Loading

Webshell Generate 1.2.2

26 Apr 08:29
@cseroad cseroad
v1.2.2
f511371
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Webshell Generate 1.2.2

1、增加了asmx_Godzilla_CSHAP_ASMX_AES_BASE64免杀
2、增加了AntSword_jspjs无标签的jsp免杀
3、优化部分免杀代码

Assets 3
Loading

Webshell Generate 1.1

13 Jul 05:44
@cseroad cseroad
v1.1
c0ec227
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Webshell Generate 1.1

Webshell Generate 1.1
免杀说明:
jsp、jspx:

  • 争取将代码最小化、最简化
  • 代码层使用一些随机变量替换了标识符
  • cmd 访问为404是伪造的页面,为正常效果,使用:xxx.jsp?pass=
  • cmd_reflect 访问500,但不影响使用,使用:xxx.jsp?pass=
  • AntSword 访404为正常使用
  • behinder 访问404为正常使用
  • Godzilla 访问空白为正常使用
  • Godzilla 连接方式为Godzilla生成的加密方式
  • 添加随机注释绕过关键字
  • 使用反射调用defineClass()方法
  • 使用反射编写AES加密
  • 使用unicode编码进一步免杀处理
  • 添加了反射调用ProcessBuilder
    ......

php:

  • AntSword 为eval语言构造器,可以直接连接
  • AntSword_base64 需选择base64方式连接
Assets 3
Loading