Webshells have been popular for a long time. We already covered this topic across multiple diaries[1][2]. I spent some time tracking them[3] and then paid slightly less attention to them, but today I found another one. It seems to be a new player (pushed to GitHub two months ago).
The webshell is called ZypeerShell[4] and claims to be “The most powerful, undetectable, and feature-rich PHP webshell available on GitHub.” The shell is classic and provides most of the expected features for such a tool:

I won’t review all the features because they are classic. In the webshell version I found, some functions were present but never called from the GUI. For example, the function zypeergsdeploy() helps to connect to a C2 server through GSocket:
function zypeergsdeploy() {
zypeerhead();
echo '
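A defender-side triage check for the observation above, as an added example that is not code from the diary or from the webshell: it flags PHP files containing the names shown here and lists functions that are defined but never called directly. The `gsocket` match string, the `example_listing` function and the sample source are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Names taken from the diary; "gsocket" is an assumed match string for the tool it mentions.
INDICATORS = ("zypeershell", "zypeergsdeploy", "zypeerhead", "gsocket")
FUNC_DEF = re.compile(r"\bfunction\s+([a-z_]\w*)\s*\(")

def scan_php(source):
    """Return the indicators present and the functions defined but never called directly."""
    code = source.lower()  # PHP function names are case-insensitive
    hits = [i for i in INDICATORS if i in code]
    uncalled = []
    for name in dict.fromkeys(FUNC_DEF.findall(code)):
        # Every "name(" that is not a method, static call or variable counts as a use;
        # the definition itself matches too, so uses == defs means no direct call site.
        uses = len(re.findall(r"(?<![\w$>:])" + re.escape(name) + r"\s*\(", code))
        defs = len(re.findall(r"\bfunction\s+" + re.escape(name) + r"\s*\(", code))
        if uses == defs:
            uncalled.append(name)
    return {"indicators": hits, "uncalled": uncalled}

def scan_tree(root):
    """Scan every *.php file under root; return {path: result} for files with indicator hits."""
    findings = {}
    for path in Path(root).rglob("*.php"):
        result = scan_php(path.read_text(errors="replace"))
        if result["indicators"]:
            findings[str(path)] = result
    return findings

# Constructed sample, not the real webshell: only the two zypeer* names come from the diary.
SAMPLE = '''<?php
function zypeerhead() { echo "<html>"; }
function example_listing() { zypeerhead(); echo "files"; }
function zypeergsdeploy() { zypeerhead(); echo "placeholder"; }
if (isset($_GET["list"])) { example_listing(); }
'''

if __name__ == "__main__":
    print(scan_php(SAMPLE))
```

Dynamic dispatch (variable functions, `call_user_func`) is not resolved, so the `uncalled` list is a hint for manual review rather than proof that the code is dead.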
Click HERE to learn more about classes Xavier is teaching for SANS