MalwareSourceCode icon indicating copy to clipboard operation
MalwareSourceCode copied to clipboard

Published 20 hours ago verified publisher icon vxunderground

Some PHP (+1sh,1 undecompiled jar) shell and etc scripts

Open DartPower opened this issue 2 years ago • 3 comments

Some PHP (+1sh,1 undecompiled jar) shell and etc scripts

Contains some "salted base64" encoded scripts, shell source code and two another files: sh and jar. (needs to decomp i think, but maybe unuseful because have a public(maybe) maven info, but maybe this is "invisible" some i think)

I think 50%-100% of this archive is really need to add, also if you will decomp jar and decode the encryped PHP scripts. But some scripts not encrypted

Password: infected SomePHP_pass_infected.zip

DartPower avatar Mar 09 '23 13:03 DartPower

Hey DartPower, I have decompiled your jar script and I saw it have a variable named 'EvercookieExploit.payload' which i haven't understand what it exactly do, could you explain me more what does the jar file do? Thanks -T

theanonhackuk avatar Mar 17 '23 17:03 theanonhackuk

i found it on some from "git exposed" site dumps

DartPower avatar Mar 18 '23 20:03 DartPower

Will review it. Thanks

vxunderground avatar Jul 26 '23 14:07 vxunderground