PHP 7 and safe-build Update of the popular C99 variant of PHP Shell.
c99shell.php v.2.0 (PHP 7) (25.02.2019) Updated by: PinoyWH1Z for PHP 7
Preview
About C99Shell
The c99 variant is a PHP-based web shell, often considered as malware, that hackers upload to vulnerable web applications to gain control of the Internet server. By exploiting the vulnerability, attackers can use the c99 shell to access the server processes, issue commands, and operate as the account under which the threat is operating. In addition, the c99 shell allows the hacker to browse the file system, upload, edit, view, delete, move files, and change permissions. Detecting the presence of the c99 shell can help identify security breaches in the system.
The c99 shell code is approximately 1500 lines when compressed and over 4900 lines when properly displayed. Some of its features include displaying the web server’s security measures, a file viewer with permission settings, and a place where the attacker can execute custom PHP code (i.e., PHP malware c99 shell).
There are several variants of the c99 shell that hackers use today, with new versions continuously emerging. For instance, one can find a relatively recent c99 shell variant on GitHub that has multiple signatures that developers can use to implement protective countermeasures.
PS
It’s important to note that this PHP shell is commonly employed by hackers, therefore your anti-virus or anti-malware program may flag it as malicious or classify it as a backdoor. However, because the code is visible in my re-released project, you have the ability to read through it thoroughly and inspect or debug it to your heart’s content without worry.
About this release
The individual states that they have been using php shells for Ethical Hacking purposes and noticed that most of the downloadable shells online are encrypted with malicious codes. They also observed that some of the shells contain trackers that allow others to monitor the placement of the php shell.
The invidual came up with an idea to obtain the stable version of c99shell, reverse the encrypted codes, remove the malicious codes, and release it to the public. They discovered that most servers had upgraded their apache service to PHP 7, which made the codes they had for PHP 5.3 and below obsolete.
However, the individual was able to make only a few syntax changes to the code to make it compatible with PHP 7. They have now released a clean and safe version of the stable c99shell for public use. The individual invites users to report any bugs they find, create an issue or fork the code, update it, and submit a pull request for their review.
Disclaimer
We cannot guarantee or accept responsibility for any unethical use of this hacking tool.