fileGPS – A Tool That Help You To Guess How Your Shell Was Renamed After The Server-Side Script Of The File Uploader Saved It

Advent
While you add a shell on a web-server the usage of a record add capability, normally the record get renamed in more than a few tactics with the intention to save you direct get right of entry to to the record, RCE and record overwrite.
fileGPS is a device that makes use of more than a few ways to search out the brand new filename, after the server-side script renamed and stored it.
Probably the most ways utilized by fileGPS are:

  • More than a few hash of the filename
  • More than a few timestamps tips
  • Filename + PHP time() as much as 5 mins ahead of the beginning of the script
  • Such a lot of extra

BlackArch Linux:

pacman -S filegps

On different distros:

git clone https://github.com/0blio/filegps

The best way to write a module
Writing a module is slightly easy and lets you enforce your customized tactics of producing filename mixtures.
Underneath is a template in your modules:

#!/usr/bin/env python
# -*- coding: utf-8 -*-

"""
Module identify: take a look at
Coded through: Your identify / nickname
Model: X.X

Description:
This module ruin the arena.
"""
output = []

# Do a little computations right here

output = ["filename1.php", "filename2.asp", "filename3.jar"]

The variables url and filename are robotically imported from the core script, so you’ll name them to your module.
If you completed to jot down your module, you must put it aside in Modules/, and it’s going to be robotically imported as soon as the principle script is began.
You’ll use the module disgrace as a template in your modules.

Give a contribution to the undertaking
Do you need to lend a hand? Here is many ways you’ll do it:

  • Recommend a characteristic
  • Write a module
  • Record a computer virus

Contacts
Electronic mail: [email protected]

Particular thank you
Particular because of Panfilo Salutari for sharing with me concepts in regards to the undertaking.
Because of Claudio Sala for the brand.

Obtain fileGPS