Advanced Web Shell - DAws
There's multiple things that makes DAws better than every Web Shell out there:
- Bypasses Security Systems(IPS, WAFs,etc) like Suhosin(uses up to 20 php functions just to get a command executed).
- Drops CGI Shells and communicate with them to bypass Security Systems.
- Uses the SSH Authorized Keys method to bypass Security Systems.
- Uses Shellshock in 2 methods to bypass Security Systems.
- Is completely Post Based and uses a XOR Encryption based on a random key that gets generated with every new session + private base64 functions to bypass Security Systems.
- Supports Windows and Linux.
- Finds a writeable and readable directory and moves there if it's a web directory; DAws will output everything in that found directory.
- Drops a php.ini and a .htaccess file that clears all disablers incase "suphp" was installed.
- Has an advanced File Manager.
- Everything is done automatically so there's nothing for the user to worry about.
- Open Source.
- and much more (check the source for more information; everything is well commented)
Credits: