-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtest_webshell.py
executable file
·115 lines (94 loc) · 2.7 KB
/
test_webshell.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/usr/bin/python3
import inspect
import subprocess
import sys
import time
import urllib.request
import os
from os import error
def setup():
# start php web server
try:
subprocess.Popen(["php", "-S", "127.0.0.1:8081"])
except error as e:
print("[-] failure in function: ", inspect.stack()[0][3])
print(e)
print("Do you have 'php' installed? Try 'php --help'; if its not there, install it.")
sys.exit(-1)
time.sleep(1)
def test_webshell():
url = "http://127.0.0.1:8081/webShell.php?cmd=echo+it_worked!>success.txt"
try:
urllib.request.urlopen(url)
except error as e:
print("[-] failure in function: ", inspect.stack()[0][3])
print(e)
sys.exit(-1)
# confirm test file is present
want = "it_worked!"
got = ""
try:
file = open("success.txt", "r")
got = file.read()
file.close()
except error as e:
print("[-] failure in function: ", inspect.stack()[0][3])
print(e)
sys.exit(-1)
got = got.rstrip()
if got != want:
print("[-] failure in function: ", inspect.stack()[0][3])
print(f"expected '{want}', got '{got}'")
sys.exit(-1)
def test_obfuscated_webshell():
url = "http://127.0.0.1:8081/obfuscated_webShell.php?Y21k=echo+it_worked!>success.txt"
try:
urllib.request.urlopen(url)
except error as e:
print("[-] failure in function: ", inspect.stack()[0][3])
print(e)
sys.exit(-1)
# confirm test file is present
want = "it_worked!"
got = ""
try:
file = open("success.txt", "r")
got = file.read()
file.close()
except error as e:
print("[-] failure in function: ", inspect.stack()[0][3])
print(e)
sys.exit(-1)
got = got.rstrip()
if got != want:
print("[-] failure in function: ", inspect.stack()[0][3])
print(f"expected '{want}', got '{got}'")
sys.exit(-1)
def teardown():
# kill php
try:
subprocess.Popen(["pkill", "-9", "php"])
except error as e:
print("[-] unable to kill php")
print(e)
sys.exit(-1)
try:
os.remove("success.txt")
except error as e:
print("[-] unable to delete 'success.txt'")
print(e)
sys.exit(-1)
def main():
print("[i] Starting PHP web server")
setup()
print("[i] Testing webShell.php")
test_webshell()
print("[+] Test passed")
print("[i] Testing obfuscated_webShell.php")
test_obfuscated_webshell()
print("[+] Test passed")
print("[i] Cleaning up test artifacts")
teardown()
print("[+] All tests passed - hooray!")
if __name__ == "__main__":
main()