C-99-Shell-PHP7 – PHP 7 And Safe-Build Update Of The Popular C-99 Variant Of PHP Shell
C-99-Shell-PHP7
PHP 7 and safe-build Update of the popular C-99 variant of PHP Shell.
c-99-shell.php v.2.0 (PHP 7) (25.02.2019) Updated by: PinoyWH1Z for PHP 7
About C-99Shell
An excellent example of a web shell is the c-99 variant, which is a PHP shell (most of them calls it malware) often uploaded to a vulnerable web application to give hackers an interface. The c-99 shell lets the attacker take control of the processes of the Internet server, allowing him or her give commands on the server as the account under which the threat is operating. It lets the hacker upload, browse the file system, edit and view files, in addition, to deleting, moving them and changing permissions. Finding a c-99 shell is an excellent way to identify a compromise on a system. The c-99 shell is about 1500 lines long if packed and 4900+ if properly displayed, and some of its traits include showing security measures the web server may use, a file viewer that has permissions, a place w here the attacker can operate custom PHP code (PHP malware c-99 shell).
There are different variants of the c-99 shell that are being used today. This github release is an example of a relatively recent one. It has many signatures that can be utilized to write protective countermeasures.
About this release:
I’ve been using php shells as part of my Ethical Hacking activities. And I have noticed that most of the php shells that are downloadable online are encrypted with malicious codes and without you knowing, others also insert trackers so they can see where you placed your php shell at.
I’ve came up with an idea such as “what if I get the stable version of c-99shell and reverse the encrypted codes, remove the malicious codes and release it to public for good.” And yeah, I decided to do it, but I noticed that most of the servers now have upgraded their apache service to PHP 7, sadly, the codes that I have is for PHP 5.3 and below.
The good thing is.. only few lines of syntax are needed to be altered, so I did it.
Here you go mates, a clean and safe-build version of the most stable c-99shell that I can see.
If ever you see more bugs, please create an issue or just fork it, update it and do a pull request so I can check it and update the codes for stabilization.
PS:
This is a widely used php shell by hackers, so don’t freak out if your anti-virus/anti-malware detects this php file as malicious or treated as backdoor. Since you can see the codes in my re-released project, you can read all throughout the codes and inspect or even debug as much as you like.
Disclaimer:
I will NOT be held responsible for any unethical use of this hacking tool.
Official Release:
c-99shell_v2.0.zip (Zip Password: PinoyWH1Z
)
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.