diff --git a/data/shell/stagers/stager.asp_ b/data/shell/stagers/stager.asp_ index b9dd8e714..ff0201d5f 100644 Binary files a/data/shell/stagers/stager.asp_ and b/data/shell/stagers/stager.asp_ differ diff --git a/data/shell/stagers/stager.aspx_ b/data/shell/stagers/stager.aspx_ index efd39317c..d7d399b1b 100644 Binary files a/data/shell/stagers/stager.aspx_ and b/data/shell/stagers/stager.aspx_ differ diff --git a/data/shell/stagers/stager.jsp_ b/data/shell/stagers/stager.jsp_ index 2abd02252..5e021bffd 100644 Binary files a/data/shell/stagers/stager.jsp_ and b/data/shell/stagers/stager.jsp_ differ diff --git a/data/shell/stagers/stager.php_ b/data/shell/stagers/stager.php_ index 1c974369a..4d427ce13 100644 Binary files a/data/shell/stagers/stager.php_ and b/data/shell/stagers/stager.php_ differ diff --git a/extra/cloak/cloak.py b/extra/cloak/cloak.py index bdfd7b09a..c68b4a06b 100644 --- a/extra/cloak/cloak.py +++ b/extra/cloak/cloak.py @@ -21,7 +21,7 @@ if sys.version_info >= (3, 0): xrange = range ord = lambda _: _ -KEY = b"Beeth7hoyooleeF0" +KEY = b"wXGWkn7KI0VhDOHS" def xor(message, key): return b"".join(struct.pack('B', ord(message[i]) ^ ord(key[i % len(key)])) for i in range(len(message))) diff --git a/extra/shutils/recloak.sh b/extra/shutils/recloak.sh new file mode 100755 index 000000000..07dd4aabe --- /dev/null +++ b/extra/shutils/recloak.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +# NOTE: this script is for dev usage after AV something something + +DIR=$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P) + +cd $DIR/../../data/shell +find -regex ".*backdoor\.[a-z]*_" -or -regex ".*stager\.[a-z]*_" -type f -exec python ../../extra/cloak/cloak.py -d -i '{}' \; + +cd $DIR/../cloak +sed -i 's/KEY = .*/KEY = b"'`python -c 'import random; import string; print("".join(random.sample(string.ascii_letters + string.digits, 16)))'`'"/g' cloak.py + +cd $DIR/../../data/shell +find -regex ".*backdoor\.[a-z]*" -or -regex ".*stager\.[a-z]*" -type f -exec python ../../extra/cloak/cloak.py -i '{}' \; diff --git a/lib/core/settings.py b/lib/core/settings.py index 1a0cc75e5..de19e2b97 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.8.19" +VERSION = "1.4.8.20" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)