From 6428e5757589da06c7a77869af94ac36e5db186c Mon Sep 17 00:00:00 2001
From: chashtag <12386331+chashtag@users.noreply.github.com>
Date: Wed, 9 Feb 2022 21:37:00 -0500
Subject: [PATCH 1/2] Added more we shells Removed spaces from file name

---
 .../Web-Content/CommonBackdoors-PHP.fuzz.txt  | 491 ++++++++++++++----
 ...S wordlist.txt => Oracle-EBS-wordlist.txt} |   0
 2 files changed, 394 insertions(+), 97 deletions(-)
 rename Discovery/Web-Content/{Oracle EBS wordlist.txt => Oracle-EBS-wordlist.txt} (100%)

diff --git a/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
index db098360..579256b4 100644
--- a/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
+++ b/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
@@ -1,148 +1,445 @@
-c99.php
-c99shell.php
-r57.php
-r58.php
-dra.php
-r00t.php
-root.php
-mma.php
-filesman.php
-Locus7s.php
-c99-Ultimate.php
-c100.php
-Ekin0x.php
-hacker.php
-safe0ver.php
-sniper.php
-spyshell.php
-CWShellDumper.php
-angel.php
-dq.php
-cmd.php
-liz0zim.php
-simattacker.php
-tryag.php
+0byt3m1n1.php
 150.php
-Ani-Shell.php
-Crystal.php
-Dx.php
-FaTaLisTiCz_Fx.php
-G5.php
-NCC-Shell.php
-NetworkFileManagerPHP.php
-PHANTASMA.php
-PHPJackal.php
-PHPRemoteView.php
-PHPSPY.php
-Php_Backdoor.txt.php
-Private-i3lue.php
-SnIpEr_SA Shell.php
-upl0ader.php
+1.php
+2008.php
+529.php
+accept_language.php
 acid.php
+a_gedit.php
+ajax_php command shell.php
+Ajax_PHP Command Shell.php
+Ajax_PHP_Command_Shell.php
+ak47shell.php
+AK-74.php
+ak-74 security team web shell beta version.php
+AK-74 Security Team Web Shell Beta Version.php
+ak74shell.php
+alfa3.php
+alfa.php
+andela 1c3 v3 (private release 2017).php
+Andela 1C3 v3 (Private Release 2017).php
+andela.php
+angel.php
+Ani-Shell.php
+anonexploitershell.php
 antichat.php
-shell.php
-udp.php
-ddos.php
+antichat shell. modified by go0o$e.php
+Antichat Shell. Modified by Go0o$E.php
+antichat shell.php
+Antichat Shell.php
+Antichat_Shell.php
+antichat shell v1.3.php
+antichat_shell_v1.3.php
+Antichat Shell v1.3.php
+Antichat_Shell_v1.3.php
+antichat socks5 server.php
+Antichat Socks5 Server.php
+aspydrv.php
+autoroot.php
+ayyildiz tim  -ayt- shell v 2.1 biz.php
+ayyildiz tim -ayt- shell v 2.1 biz.php
+Ayyildiz Tim  -AYT- Shell v 2.1 Biz.php
+Ayyildiz Tim -AYT- Shell v 2.1 Biz.php
+Ayyildiz_Tim.php
+ayyildiz tim shell (private shell 2017).php
+Ayyildiz Tim Shell (Private Shell 2017).php
+azrailphp v1.0.php
+aZRaiLPhp v1.0.php
+aZRaiLPhp_v1.0.php
+b374k-mini-shell-php.php
+b374k.php
+b374kv2.1.php
+b374v2.8-b374k.php
 b37.php
+backdoor1.php
+backdoorfr.php
+backup.php
 backupsql.php
+bayz21-priv-shell-v1.php
+bayz21-priv-shell-v2.php
+bayz21-priv-shell-v3.php
 bdotw44shell.php
+berandal-owlsquad.php
+bloodsecv4.php
 bug.php
+bypass403.php
+bypass529.php
+bypass-login.php
+c0derz shell [csh] v. 0.1.1 release.php
+c100.php
+c2007.php
 c37.php
 c66.php
-c99-shadows-mod.php
-c99_PSych0.php
 c99_locus7s.php
 c99_madnet.php
-c99_w4cking.php
 c99madshell.php
+c99madshell v. 2.0 madnet edition.php
+C99madShell v. 2.0 madnet edition.php
+c99madshell_v2.0.php
+c99madshell_v2.1.php
+c99.php
+c99php.php
+c99_PSych0.php
+c99-shadows-mod.php
+c99shell.php
+c99shell_v1.0.php
 c99ud.php
+c99-Ultimate.php
 c99unlimited.php
 c99v2.php
+c99_w4cking.php
+casus 1.5.php
+casus15.php
+Casus15.php
+CasuS 1.5.php
+CasuS-1.5.php
 cbfphpsh.php
+cgitelnet.php
 cihshell_fix.php
-co.php
+cmd.aspx
+cmd.jsp
+cmd.php
+cmd.sh
+cmd-simple.php
+cmd.war
+con7ext-shell-v.2-l o l.php
+Con7ext-Shell-V.2-l o l.php
+configkillerionkros.php
 connect-back.php
+co.php
+cpanel.php
 cpg_143_incl_xpl.php
+crystal.php
+Crystal.php
+CrystalShell.php
+crystalshell v.1.php
+CrystalShell v.1.php
+csh.php
 ctt_sh.php
+cw.php
+CWShellDumper.php
+cyberlords_sql.php
 cybershell.php
+cyber shell (v 1.0).php
+Cyber Shell (v 1.0).php
+dc3 security crew shell priv.php
+dC3 Security Crew Shell PRiV.php
+dC3_Security.php
+ddos.php
+dive shell 1.0 - emperor hacking team.php
+Dive Shell 1.0 - Emperor Hacking Team.php
+Dive_Shell.php
+dns.asp
+dns.aspx
+dns.php
+dq.php
+dra.php
+dtool pro.php
+DTool Pro.php
+DTool_Pro.php
+dx.php
+Dx.php
+dxshell.php
+DxShell.php
 egy.php
+Ekin0x.php
+engineers security (private php shell 2017).php
+Engineers Security (Private PHP Shell 2017).php
 erne.php
 ex0shell.php
+FaTaLisTiCz_Fx.php
+fatal.php
+fatalshell.php
+Fatalshell.php
+file.asp
+file.aspx
+file.php
+filesman.php
+framer.php
+ftpsearch.php
+fuckphpshell.php
+g00nshell-v1.3.php
 g00nv13.php
+G5.php
+gamma web shell.php
+Gamma Web Shell.php
+Gamma_Web_Shell.php
+gfs_sh.php
+gfs web-shell ver 3.1.7 - priv8.php
+gfs_web-shell_ver_3.1.7_-_priv8.php
+GFS web-shell ver 3.1.7 - PRiV8.php
+GFS_web-shell_ver_3.1.7_-_PRiV8.php
+grp webshell 2.0 release build 2018 (c)2006,great.php
+GRP WebShell 2.0 release build 2018 (C)2006,Great.php
+GRP_WebShell.php
+g-security-webshell.php
+G-Security-Webshell.php
+h4ntu shell.php
+h4ntu shell [powered by tsoi].php
+hacker.php
+hector-uploader.php
+hiddens shell v1.php
+hidshell.php
 hkrkoz.php
+img.php
+imhapftp.php
+iMHaPFtp.php
+indoxploit-mass-defacer.php
+indoxploit.php
+IndoXploit.php
 ironshell.php
 isko.php
 iskorpitx.php
 itsecteam_shell.php
+jav-shellv1.1-maqlo.php
+jca.php
+jspshell.jsp
+JspWebshell_1.2.php
+k2ll33d.php
+kadot universal shell v0.1.6.php
+KAdot Universal Shell v0.1.6.php
+KA_uShell_0.1.6.php
+ka_ushell.php
+KA_uShell.php
+kral.php
+kuda.php
+lamashell.php
+lifkas.php
+lifkaS.php
+list.jsp
+list.php
+list.sh
+liz0zim.php
+liz0zim private safe mode command execuriton bypass exploit.php
+Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php
+loaderz web shell.php
+Loaderz WEB Shell.php
+Loaderz_WEB_Shell.php
+load_shell.php
+Locus7s.php
 locus.php
 log.php
-simple_cmd.php
-zacosmall.php
-weevely.php
-AK-74.php
-Ajax_PHP_Command_Shell.php
-Antichat_Shell.php
-Ayyildiz_Tim.php
-CasuS-1.5.php
-CrystalShell.php
-DTool_Pro.php
-Dive_Shell.php
-GRP_WebShell.php
-Gamma_Web_Shell.php
-JspWebshell_1.2.php
-KA_uShell_0.1.6.php
-Loaderz_WEB_Shell.php
-Mackers_Private_Shell.php
-Moroccan_Spamers.php
-MyShell.php
-NGH.php
-NTDaddy_v1.9.php
-Non-alphanumeric.php
-PHP_Shell.php
-PHVayv.php
-PhpSpy.php
-Predator.php
-Rootshell.v.1.0.php
-STNC_WebShell_v0.8.php
-Safe0ver_Shell.php
-Safe_Mode_Bypass.php
-SimShell.php
-Simple_PHP_backdoor.php
-Sincap_1.0.php
-Small_Web_Shell.php
-WinX_Shell.php
-Worse_Linux_Shell.php
-ZyklonShell.php
-aZRaiLPhp_v1.0.php
-alfa3.php
-andela.php
-aspydrv.php
-bloodsecv4.php
-cgitelnet.php
-configkillerionkros.php
-dC3_Security.php
-g00nshell-v1.3.php
-jspshell.jsp
-kral.php
-lifkaS.php
 lolipop.php
+lostdc.php
 lostDC.php
+lotfree.php
+LOTFREE.php
+macker's private phpshell.php
+Macker's Private PHPShell.php
+Mackers_Private_Shell.php
+mailer3.php
+makewar.sh
+marion001.php
 matamu.php
 megabor.php
+mini.php
+mma.php
+moroccan spamers ma-edition by ghost.php
+Moroccan Spamers Ma-EditioN By GhOsT.php
+Moroccan_Spamers.php
+myshell.php
+MyShell.php
+mysql interface v1.0.php
+Mysql interface v1.0.php
+mysql.php
+mysql_shell.php
+mysql_tool.php
+mysql web interface version 0.8.php
+MySQL Web Interface Version 0.8.php
+ncc-shell.php
+NCC-Shell.php
+nc.exe
+networkfilemanagerphp.php
+NetworkFileManagerPHP.php
+network.php
+nfm.php
+ngh.php
+NGH.php
+nix remote web-shell v.0.5 alpha lite public version.php
+NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php
+nixrem.php
+nobody-uploader.php
+non-alphanumeric.php
+Non-alphanumeric.php
+nshell (1).php
+Nshell (1).php
+nshell.php
+nst.php
+nstview.php
+ntdaddy v1.9.php
+NTDaddy v1.9.php
+NTDaddy_v1.9.php
+obfuscated-phpshell.php
 obfuscated-punknopass.php
-pHpINJ.php
+p0wny-shell.php
+phantasma.php
+PHANTASMA.php
+phpbackdoor15.php
+php backdoor connect.pl.php
+PHP Backdoor Connect.pl.php
 php-backdoor.php
-punk-nopass.php
+Php_Backdoor.txt.php
+php-include-w-shell.php
+phpinj.php
+pHpINJ.php
+phpjackal.php
+PHPJackal.php
+phpremoteview.php
+PHPRemoteView.php
+php-reverse-shell.php
+phpshell17.php
+php shell.php
+PHP Shell.php
+PHP_Shell.php
+PhpSpy.php
+PHPSPY.php
+phpspy ver 2006.php
+PhpSpy Ver 2006.php
+ph vayv.php
+phvayv.php
+PH Vayv.php
+PHVayv.php
+phvayvv.php
+pinoy lulzsec (private shell 2017).php
+Pinoy LULZSec (Private Shell 2017).php
+plugin-shell.php
+predator.php
+Predator.php
+priv8.php
+PRiV8.php
+private-i3lue.php
+Private-i3lue.php
+proxy.asp
+proxy.php
 punkholic.php
+punk-nopass.php
 pws.php
 qsd-backdoor.php
+qsd-php-backdoor.php
+r00t.php
+r577.php
+r57.php
+r57 shell.php
+r57shell.php
+r57 Shell.php
+r58.php
+rem view.php
+Rem View.php
+reverse.jsp
+root.php
+rootshell.php
+rootshell.v.1.0.php
+Rootshell.v.1.0.php
+rst_sql.php
 ru24_post_sh.php
+russian.php
+Russian.php
+s72_shell
 s72_Shell.php
+s72 shell v1.1 coding.php
+s72 Shell v1.1 Coding.php
+sadrazam.php
+safe0ver.php
+Safe0ver_Shell.php
+safe0ver shell -safe mod bypass by evilc0der.php
+Safe0ver Shell -Safe Mod Bypass By Evilc0der.php
+Safe_Mode_Bypass.php
+safe_mode bypass php 4.4.2 and php 5.1.2.php
+Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php
+securityghost-priv-zero5.php
+securityghost-priv-Zero5.php
+shankar.php
+shell.asp
+shell.aspx
+shell.cfm
+shell.php
+shor7cut shell (beta killer).php
+SHOR7CUT Shell (BETA KILLER).php
+sh.php
+simattacker.php
+simattacker - vrsion 1.0.0 - priv8 4 my friend.php
+SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php
 simple-backdoor.php
+simple_cmd.php
+simple_php_backdoor_by_dk.php
+Simple_PHP_backdoor_by_DK.php
+simple-php-backdoor.php
+Simple_PHP_backdoor.php
+simple-shell.jsp
+simple-shell.php
+simple-upload.php
+simple-uploadv2.php
+simshell 1.0 - simorgh security mgz.php
+SimShell 1.0 - Simorgh Security MGZ.php
+SimShell.php
+sincap 1.0.php
+Sincap 1.0.php
+Sincap_1.0.php
+sincap.php
+Sincap.php
+small.php
+small web shell by zaco.php
+Small Web Shell by ZaCo.php
+Small_Web_Shell.php
 smevk.php
+sniper.php
+sniper_sa.php
+SnIpEr_SA.php
+sniper_sa shell.php
+sniper_sa_shell.php
+SnIpEr_SA Shell.php
 soldierofallah.php
 sosyete.php
+specialshell_99.php
+SpecialShell_99.php
+s.php
 spygrup.php
+spy.php
+spyshell.php
+sql.php
+sses.php
+SsEs.php
+stnc.php
+STNC.php
+STNC_WebShell_v0.8.php
 stres.php
+stupidc0de shell (2017).php
+Stupidc0de Shell (2017).php
+sym.php
+test.php
+Test.php
+tryag.php
+udp.php
+upl0ader.php
+uploader.php
+up.php
+up.sh
+w3d.php
+w4k.php
+wacking.php
+webadmin.php
+webshell.php
+web.xml
+weevely.php
+who am i - mzrp105 (private php shell).php
+WHO AM I - MZRP105 (Private PHP Shell).php
+winx shell.php
+WinX Shell.php
+WinX_Shell.php
+WordPress
+wordpress mass defacer (fud 2017).php
+Wordpress Mass Defacer (FUD 2017).php
+wordpress.php
+worse linux shell.php
+Worse Linux Shell.php
+Worse_Linux_Shell.php
+w.php
+wso2.7.php
 wso2.8.5.php
+wso2.8.php
+wso-latest.php
+wso.php
+xinfo.php
+zacosmall.php
 zehir4.php
+ZyklonShell.php
diff --git a/Discovery/Web-Content/Oracle EBS wordlist.txt b/Discovery/Web-Content/Oracle-EBS-wordlist.txt
similarity index 100%
rename from Discovery/Web-Content/Oracle EBS wordlist.txt
rename to Discovery/Web-Content/Oracle-EBS-wordlist.txt

From a6f336de8c06ba84d660c0d7d11ef31fdef2dbf4 Mon Sep 17 00:00:00 2001
From: chashtag <12386331+chashtag@users.noreply.github.com>
Date: Wed, 9 Feb 2022 21:42:25 -0500
Subject: [PATCH 2/2] removed non php shells

---
 .../Web-Content/CommonBackdoors-PHP.fuzz.txt  | 23 -------------------
 1 file changed, 23 deletions(-)

diff --git a/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
index 579256b4..e6c18b3d 100644
--- a/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
+++ b/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt
@@ -96,12 +96,8 @@ CasuS-1.5.php
 cbfphpsh.php
 cgitelnet.php
 cihshell_fix.php
-cmd.aspx
-cmd.jsp
 cmd.php
-cmd.sh
 cmd-simple.php
-cmd.war
 con7ext-shell-v.2-l o l.php
 Con7ext-Shell-V.2-l o l.php
 configkillerionkros.php
@@ -129,8 +125,6 @@ ddos.php
 dive shell 1.0 - emperor hacking team.php
 Dive Shell 1.0 - Emperor Hacking Team.php
 Dive_Shell.php
-dns.asp
-dns.aspx
 dns.php
 dq.php
 dra.php
@@ -151,8 +145,6 @@ FaTaLisTiCz_Fx.php
 fatal.php
 fatalshell.php
 Fatalshell.php
-file.asp
-file.aspx
 file.php
 filesman.php
 framer.php
@@ -193,7 +185,6 @@ iskorpitx.php
 itsecteam_shell.php
 jav-shellv1.1-maqlo.php
 jca.php
-jspshell.jsp
 JspWebshell_1.2.php
 k2ll33d.php
 kadot universal shell v0.1.6.php
@@ -206,9 +197,7 @@ kuda.php
 lamashell.php
 lifkas.php
 lifkaS.php
-list.jsp
 list.php
-list.sh
 liz0zim.php
 liz0zim private safe mode command execuriton bypass exploit.php
 Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php
@@ -228,7 +217,6 @@ macker's private phpshell.php
 Macker's Private PHPShell.php
 Mackers_Private_Shell.php
 mailer3.php
-makewar.sh
 marion001.php
 matamu.php
 megabor.php
@@ -248,7 +236,6 @@ mysql web interface version 0.8.php
 MySQL Web Interface Version 0.8.php
 ncc-shell.php
 NCC-Shell.php
-nc.exe
 networkfilemanagerphp.php
 NetworkFileManagerPHP.php
 network.php
@@ -309,7 +296,6 @@ priv8.php
 PRiV8.php
 private-i3lue.php
 Private-i3lue.php
-proxy.asp
 proxy.php
 punkholic.php
 punk-nopass.php
@@ -325,7 +311,6 @@ r57 Shell.php
 r58.php
 rem view.php
 Rem View.php
-reverse.jsp
 root.php
 rootshell.php
 rootshell.v.1.0.php
@@ -334,7 +319,6 @@ rst_sql.php
 ru24_post_sh.php
 russian.php
 Russian.php
-s72_shell
 s72_Shell.php
 s72 shell v1.1 coding.php
 s72 Shell v1.1 Coding.php
@@ -349,9 +333,6 @@ Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php
 securityghost-priv-zero5.php
 securityghost-priv-Zero5.php
 shankar.php
-shell.asp
-shell.aspx
-shell.cfm
 shell.php
 shor7cut shell (beta killer).php
 SHOR7CUT Shell (BETA KILLER).php
@@ -365,7 +346,6 @@ simple_php_backdoor_by_dk.php
 Simple_PHP_backdoor_by_DK.php
 simple-php-backdoor.php
 Simple_PHP_backdoor.php
-simple-shell.jsp
 simple-shell.php
 simple-upload.php
 simple-uploadv2.php
@@ -413,20 +393,17 @@ udp.php
 upl0ader.php
 uploader.php
 up.php
-up.sh
 w3d.php
 w4k.php
 wacking.php
 webadmin.php
 webshell.php
-web.xml
 weevely.php
 who am i - mzrp105 (private php shell).php
 WHO AM I - MZRP105 (Private PHP Shell).php
 winx shell.php
 WinX Shell.php
 WinX_Shell.php
-WordPress
 wordpress mass defacer (fud 2017).php
 Wordpress Mass Defacer (FUD 2017).php
 wordpress.php