Htshells

Self contained htaccess shells and attacks
Alternatives To Htshells
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Openrasp2,450
2 months ago13January 22, 202243apache-2.0C++
🔥Open source RASP solution
Htshells801
a year ago1gpl-3.0Shell
Self contained htaccess shells and attacks
Rogue Jndi769
a year ago7mitJava
A malicious LDAP server for JNDI injection attacks
Dhcpwn639
35 years ago4June 04, 2018gpl-3.0Python
All your IPs are belong to us.
Ssti Payloads465
a month agomit
🎯 Server Side Template Injection Payloads
Raven Storm389
2 years agon,ullotherPython
Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Pina Colada261
4 years ago34mitPython
A powerful and extensible wireless drop box
Secureserver125
6 years ago2mitGo
A Simple, Secured Default HTTP(S) Server for Golang
Copycat103
6 years ago1JavaScript
Universal MITM web server
Heartbeat102
9 years ago2Ruby
Ruby script to test your server for the TLS Heartbleed attack.
Alternatives To Htshells
Select To Compare


Alternative Project Comparisons
Readme

HTSHELLS - Self contained web shells and other attacks via .htaccess files.

Attacks are named in the following fashion, module.attack.htaccess and grouped by attack type in directories. Pick the one you need and copy it to a new file named .htaccess, check the file to see if it needs editing before you upload it. Web shells executes commands from the query parameter c, unless the file states otherwise.

To prepare run ./prepare.sh file which will generate the .htaccess file to be uploaded. Example:

$ ./prepare.sh shell/mod_php.shell.htaccess
┬ ┬┌┬┐┌─┐┬ ┬┌─┐┬  ┬  ┌─┐
├─┤ │ └─┐├─┤├┤ │  │  └─┐
┴ ┴ ┴ └─┘┴ ┴└─┘┴─┘┴─┘└─┘
 justanotherhacker.com

.htaccess file is ready
$ curl -F '[email protected]' -k https://target/upload.php
$ curl -k https://target/uploads/.htaccess?c=id
...
# uid=33(www-data) gid=33(www-data) groups=33(www-data)

== DOS/ # Denial of service attacks

  • apache.dos.htaccess Makes all requests return a 500 internal server error

  • mod_rewrite.dos.htaccess Regular expression dos condition in mod_rewrite consumes a child process

== INFO/ # Information disclosure attacks

  • modcheck/ Include additional response headers to indicate which Apache modules are active

  • mod_caucho.info.htaccess untested Server status binding for the mod_caucho Resin java server module

  • mod_clamav.info.htaccess Clamav status page binding

  • mod_info.info.htaccess Server info binding for Apache

  • mod_ldap.info.htaccess untested Server status binding for the mod_ldap server module

  • mod_perl.info.htaccess Display the mod_perl status page

  • mod_php.info.htaccess Make all php pages show source instead of executing

  • mod_status.info.htacces Server status binding for Apache

== SHELL/ # Interactive command execution

  • mod_caucho.shell.htaccess untested JSP based web shell

  • mod_cgi.shell.bash.htaccess Shell using bash under the cgi handler, Requires exec flag to be set on the htaccess file.

  • mod_cgi.shell.windows.htaccess untested Gives shell through php.exe via apache cgi configuration directives

  • mod_include.shell.htaccess Server Side Include based web shell

  • mod_multi.shell.htaccess Multiple shells in one .htaccess file, one attack fits all approach

  • mod_perl.shell.htaccess incomplete TODO

  • mod_php.shell.htaccess PHP based web shell access via http://domain/path/.htaccess?c=command

  • mod_php.shell2.htaccess Alternate method of invoking a php shell from .htaccess file

  • mod_php.stealth.shell.htaccess PHP based stealth backdoor - see http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html for tutorial

  • mod_python.shell.htaccess

  • mod_ruby.shell.htaccess

  • mod_suphp.shell.htaccess

== TRAVERSAL/ # Directory traversal attacks

  • mod_hitlog.traversal.htaccess Directory traversal attack via hitlog module tries to read /etc/passwd

  • mod_layout.traversal.htaccess Directory traversal attack reads /etc/passwd

== ./ # Various attacks

  • mod_auth_remote.phish.htaccess untested Forward basic auth credentials to server of your choice

  • mod_badge.admin.htaccess mod_badge admin page binding

  • mod_sendmail.rce.htaccess untested Executes commands configured in the .htaccess file by specifying path and arguments to "sendmail" binary

Wireghoul - http://www.justanotherhacker.com

Popular Attack Projects
Popular Server Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Shell
Server
Security
Bindings
Mod
Apache
Attack
Penetration Testing
Traversal
Webshell