(Containerized) Attack Shell
by Strund3r
Ani Shell
by lionaneesh
Note: This software was intended to be used for Demonstration and Learning Purposes only. The author is not responsible for any damage it may cause and user holds full responsibility of his/her actions. ALL CREDIT GOES TO @lionaneesh
Introduction
Attack Shell a.k.a. Ani-Shell is a simple PHP shell with some unique features like Mass Mailer, a simple Web-Server Fuzzer, Dosser, Back Connect, Bind Shell, Back Connect, Auto Rooter etc. This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization.
Run on a local Docker Container
Run on terminal:
$ docker run -d -p 80:80 --name attack-shell strund3r/attack-shellTo find the container's IP address, run the following command:
$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' attack-shellIf you want to use a php.ini, change the Dockerfile to:
FROM k0st/alpine-apache-php
LABEL maintainer "[email protected]"
# Change the TZ according to your region
ENV TZ=America/Sao_Paulo
RUN apk add --update --virtual .build-deps tzdata && \
ln -snf /usr/share/zoneinfo/${TZ} /etc/localtime && \
echo "${TZ}" > /etc/timezone && \
apk del .build-deps
COPY config/php.ini /usr/local/etc/php/
COPY . /var/www/html
Where config/ is the directory containing your php.ini file.
Customization
-
Email Traceback is set to off as default and emails will not be sent. If you are setting this feature on, make sure you change the default email address ([email protected]) to your email address. Please change it before using!
-
Username and Password are set to admin and 12345678 respectively, please change them for better security.
-
The Lock Mode feature is set to on ! This should not be change unless you want your shell exposed.
-
The Anti-Crawler feature is set to off ! Change it to on for anti-crawler support.
-
A variable named greetings can be changed to change the Shell's greeting message.
Default Login
- Username: admin
- Password: 12345678
Features
- Shell
- Intelligent File Manager
- Auto Rooter
- PHP Obfuscate
- Platform Independent
- Mass - Mailer
- Small Web-Server Fuzzer
- Dosser
- Design
- Secure Login
- Deletion of Files
- Bind Shell
- Back Connect
- Fixed Some Coding errors!
- Rename Files
- Encoded Title
- Traceback (Email Alerts)
- PHP Evaluate
- Better Command Execution (supports older version of PHP)
- Mass Code Injector (Appender and Overwinter)
- Lock Mode Customization
- Mail Bomber (With Less Spam detection feature)
- PHP Decoder
- Anti-Crawler Feature
- MD5 Hash Cracker
- Python Bind-Shell
License
MIT License
Copyright (c) 2016, 2017 Franzwagner Ternus
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.