antsword bypass PHP disable_functions
linux环境.使用插件的时候提示需要linux系统,
右边的shell状态获取不到.提示错误.
经过测试
如果当前的shell后面有传入的参数时,新生成的.antproxy.php中不会加上
例如:
http://www.xxx.com/a.php?test=assert
这个shell
生成的.antproxy.php中的第四行没有加入get的参数,就会导致连接失败
curl_setopt($aAccess, CURLOPT_URL, "http://127.0.0.1:63685/a.php");
一个小优化建议:
当前版本bypass后会自动在同目录生成.antproxy.php文件
需要手动添加shell
能否改为自动添加shell
本来是可以bypass的,但是后来上了waf,第二次写入代理脚本的时候就被拦截了
经过检查此目录有读写权限
于是想到蚁剑的代理脚本特征很有可能已经进了waf的规则查杀库,所以插件无法正常使用
个人建议是可以把生成的代理php脚本打印出来,用户可以根据需要复制粘贴,再进行进一步的混淆处理,希望能够采纳,谢谢。
我使用LD_PRELOAD模式,界面上shell "当前目录:false",可以上传成功so镜像,但是没有启动PHP SERVER,.antproxy.php也没有上传成功,最终显示失败,请问这是什么原因?
我看到php-fpm里面需要用到so文件来启动一个php server,想问一下so文件的源代码可以供学习参考一下吗
在kali和ubuntu两个环境都试过了,提示内容相同,不知道什么原因
你好,请问windows的服务器可以使用么
can you add this !
[Sun Jun 23 10:41:15.880997 2019] [:error] [pid 32465] [client 169.254.65.200:63206] PHP Fatal error: Call to undefined function curl_init() in /var/www/html/xxxx/yyyy/.antproxy.php on line 3
这一行是
$aAccess = curl_init();
我ubuntu18.04在
sudo apt install php5.6-curl
service apache2 restart
后可以了。但是这个不符合此前假设
目标机器无法主动外连,并且入站只有80端口可访问,目标机器上面不保证一定有python, 不一定有 perl。我们能肯定的是,应该是有php的,但美中不足的是PHP在5.4版本才引入了 -S 这个内置web服务器
的条件
list($headerstr,$sResponse)=explode("\r\n\r\n",$sResponse, 2);[Sun Jun 23 11:41:45.137806 2019] [:error] [pid 681] [client 169.254.65.200:50174] PHP Notice: Undefined offset: 1 in /var/www/html/xxxx/yyyy/.antproxy.php on line 58
用is_bool看了下,$sResponse是个bool值
建议.antproxy.php文件上传到当前shell目录,有时候根目录不可写。
使用FASTCGI的方式bypass显示so文件上传成功,但是代理脚本上传失败,发现重新启的FPM端口是开启的,自己上传.antproxy.php修改连接端口,一连接FPM端口就没了
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.