Selamun Aleyküm.
Belli bir olgunluğa erişmiş olan arkadaşlarımız zaten olayın bilincindedir,
Kimsenin Babasının hayrına Shell Hizmeti vermeyeceğini çok çok iyi bilirler.
Yeni arkadaşların dikkatine.
Service : Sh3LL.org : inurl:c99.txt inurl:c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php
analysis : http://www.sh3ll.org/r57.txt
base64 Decrypt ettiğimizde Yakışıklı bir js şifrelemesi görüyoruz aşağıda.
Decrypt Edilmesini zahmetli bir hale getirmek için parçalara bölünerek çalışması sağlanmış.
JS Kodunu "JS.html" olarak bilgisayarınıza kaydedip,
Tamper Data ile girdi çıktıları kontrol ettiğinizde
Kel görünür kabak gibi.
Sh3LL.org : inurl:c99.txt inurl:c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php - BACKDOORED
---------------------------------------------------
Service : http://wwww.r57.gen.tr
analysis : http://r57.gen.tr/shell/r57.rar
r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - localshell.net - BACKDOORED
---------------------------------------------------
Service : Http://www.r57shell.net
analysis : r57shell
Http://www.r57shell.net - BACKDOORED
---------------------------------------------------
Service : R57 Shell - C99 Shell - R57.txt - C99.txt | #ROOT & www.****lteam.org & R57 Shell - R57.txt - R57 Shell Download
analysis : r57shell
R57 Shell - C99 Shell - R57.txt - C99.txt | #ROOT & R57 Shell - R57.txt - R57 Shell Download & www.****lteam.org BACKDOORED
---------------------------------------------------
Service : c99.txt, r57.txt, c99 shell, r57 shell, r57.php, c99.php
analysis : http://www.c99txt.net/s/r57.txt
..
..
c99.txt, r57.txt, c99 shell, r57 shell, r57.php, c99.php BACKDOORED
---------------------------------------------------
Service : r57.txt, c99.txt, r57 shell, c99 shell, r57shell, c99shell, r57, c99, shell archive, php shells, php exploits, bypass shell, safe mode bypass, sosyete safe mode bypass shell, Evil Shells, exploit, root, r57.biz
analysis : r57shell
r57.txt, c99.txt, r57 shell, c99 shell, r57shell, c99shell, r57, c99, shell archive, php shells, php exploits, bypass shell, safe mode bypass, sosyete safe mode bypass shell, Evil Shells, exploit, root, r57.biz BACKDOORED
---------------------------------------------------
Service : c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell – c99.gen.tr
analysis : http://www.c99.gen.tr/c99.rar
c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell – c99.gen.tr BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99php.com & r57txt.blogspot.com.tr & securitybash.blogspot.com.tr & c99-shell.blogspot.com.tr & c99rar.blogspot.com.tr/ & r57rar.blogspot.com.tr/
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99php.com
r57txt.blogspot.com.tr
securitybash.blogspot.com.tr
c99-shell.blogspot.com.tr
c99rar.blogspot.com.tr
r57rar.blogspot.com.tr BACKDOORED
---------------------------------------------------
Service : R57 Shell, c99 Shell, r57 txt, c99 txt, Upload Shell Download
analysis : http://r57-shell.com/shell/CWShellDumper.txt
R57 Shell, c99 Shell, r57 txt, c99 txt, Upload Shell Download BACKDOORED
---------------------------------------------------
Service : R57 Shell | C99 Shell | Shell | R57.php | c99 r57shellc99.com Siteniz.
analysis : <?php echo getenv("HTTP_HOST"); ?> - phpshell
R57 Shell | C99 Shell | Shell | R57.php | c99 r57shellc99.com Siteniz. BACKDOORED
---------------------------------------------------
Service : C99 Shell, c99 txt, r57 Shell, Php, Asp Priv10 Shell
analysis : <?php echo getenv("HTTP_HOST"); ?> - c99 shell
C99 Shell, c99 txt, r57 Shell, Php, Asp Priv10 Shell BACKDOORED
---------------------------------------------------
Service : w0rms.com Shell Download – Remote bypass shell – c99 – r57 – Wso shell – WSO – Bypass shell – Hacker shell – Shell | Safe mode bypass shell,Safe shell,Cgi telnet,telnet,r57 shell,c99 shell,Anjiyo shell,
analysis : http://www.w0rms.com/shell/iranshell.txt
w0rms.com Shell Download – Remote bypass shell – c99 – r57 – Wso shell – WSO – Bypass shell – Hacker shell – Shell | Safe mode bypass shell,Safe shell,Cgi telnet,telnet,r57 shell,c99 shell,Anjiyo shell, BACKDOORED
---------------------------------------------------
Service : film izle, divx film izle, erotik film izle, hd film izle & C99 , r57 , Siyanur5x , WSO shell , Anjiyo shell , Shell download , shell indir , shell yükle , bypass shell | bypass shell,shell download,bypass,linux bypass shell,symlink shell,c99 shell,r57 shell,anjiyo shell,wso shell,wso.php,wso 2.5,wso bypass
analysis : http://podathon.org/shell/c99.txt
film izle, divx film izle, erotik film izle, hd film izle & http://shelldown.wordpress.comBACKDOORED
---------------------------------------------------
Service : www.oco.cc
analysis : www.oco.cc/shell/c99.txt.zip
Decrypted:
www.oco.cc BACKDOORED
---------------------------------------------------
Service : R57 C99 Shell, r57 txt , r57 php shell, c99 txt shell, safe mode pass, bypass shell
analysis : <?php echo getenv("HTTP_HOST"); ?> - c99shell
R57 C99 Shell, r57 txt , r57 php shell, c99 txt shell, safe mode pass, bypass shell BACKDOORED
---------------------------------------------------
Service : www.c99.me :> c99.txt c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell
analysis : http://c99.me/download/r57.php.zip
www.c99.me :> c99.txt c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, r57.info
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, r57.info BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99shelll.com
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99shelll.com BACKDOORED
Kaynak : h4x0re Security, Vulnerability Researching, Shellcode, PoC, Exploits, Zeroday, h4 sec: Online Shell Services Backdoor Analysises | 2014
Belli bir olgunluğa erişmiş olan arkadaşlarımız zaten olayın bilincindedir,
Kimsenin Babasının hayrına Shell Hizmeti vermeyeceğini çok çok iyi bilirler.
Yeni arkadaşların dikkatine.
Service : Sh3LL.org : inurl:c99.txt inurl:c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php
analysis : http://www.sh3ll.org/r57.txt
base64 Decrypt ettiğimizde Yakışıklı bir js şifrelemesi görüyoruz aşağıda.
Decrypt Edilmesini zahmetli bir hale getirmek için parçalara bölünerek çalışması sağlanmış.
JS Kodunu "JS.html" olarak bilgisayarınıza kaydedip,
Tamper Data ile girdi çıktıları kontrol ettiğinizde
Kel görünür kabak gibi.
Sh3LL.org : inurl:c99.txt inurl:c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php - BACKDOORED
---------------------------------------------------
Service : http://wwww.r57.gen.tr
analysis : http://r57.gen.tr/shell/r57.rar
r57.txt - c99.txt - r57 shell - c99 shell - r57shell - c99shell - r57 - c99 - shell archive - php shells - php exploits - bypass shell - safe mode bypass - sosyete safe mode bypass shell - Evil Shells - exploit - root - localshell.net - BACKDOORED
---------------------------------------------------
Service : Http://www.r57shell.net
analysis : r57shell
Http://www.r57shell.net - BACKDOORED
---------------------------------------------------
Service : R57 Shell - C99 Shell - R57.txt - C99.txt | #ROOT & www.****lteam.org & R57 Shell - R57.txt - R57 Shell Download
analysis : r57shell
R57 Shell - C99 Shell - R57.txt - C99.txt | #ROOT & R57 Shell - R57.txt - R57 Shell Download & www.****lteam.org BACKDOORED
---------------------------------------------------
Service : c99.txt, r57.txt, c99 shell, r57 shell, r57.php, c99.php
analysis : http://www.c99txt.net/s/r57.txt
..
..
c99.txt, r57.txt, c99 shell, r57 shell, r57.php, c99.php BACKDOORED
---------------------------------------------------
Service : r57.txt, c99.txt, r57 shell, c99 shell, r57shell, c99shell, r57, c99, shell archive, php shells, php exploits, bypass shell, safe mode bypass, sosyete safe mode bypass shell, Evil Shells, exploit, root, r57.biz
analysis : r57shell
r57.txt, c99.txt, r57 shell, c99 shell, r57shell, c99shell, r57, c99, shell archive, php shells, php exploits, bypass shell, safe mode bypass, sosyete safe mode bypass shell, Evil Shells, exploit, root, r57.biz BACKDOORED
---------------------------------------------------
Service : c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell – c99.gen.tr
analysis : http://www.c99.gen.tr/c99.rar
c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell – c99.gen.tr BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99php.com & r57txt.blogspot.com.tr & securitybash.blogspot.com.tr & c99-shell.blogspot.com.tr & c99rar.blogspot.com.tr/ & r57rar.blogspot.com.tr/
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99php.com
r57txt.blogspot.com.tr
securitybash.blogspot.com.tr
c99-shell.blogspot.com.tr
c99rar.blogspot.com.tr
r57rar.blogspot.com.tr BACKDOORED
---------------------------------------------------
Service : R57 Shell, c99 Shell, r57 txt, c99 txt, Upload Shell Download
analysis : http://r57-shell.com/shell/CWShellDumper.txt
R57 Shell, c99 Shell, r57 txt, c99 txt, Upload Shell Download BACKDOORED
---------------------------------------------------
Service : R57 Shell | C99 Shell | Shell | R57.php | c99 r57shellc99.com Siteniz.
analysis : <?php echo getenv("HTTP_HOST"); ?> - phpshell
R57 Shell | C99 Shell | Shell | R57.php | c99 r57shellc99.com Siteniz. BACKDOORED
---------------------------------------------------
Service : C99 Shell, c99 txt, r57 Shell, Php, Asp Priv10 Shell
analysis : <?php echo getenv("HTTP_HOST"); ?> - c99 shell
C99 Shell, c99 txt, r57 Shell, Php, Asp Priv10 Shell BACKDOORED
---------------------------------------------------
Service : w0rms.com Shell Download – Remote bypass shell – c99 – r57 – Wso shell – WSO – Bypass shell – Hacker shell – Shell | Safe mode bypass shell,Safe shell,Cgi telnet,telnet,r57 shell,c99 shell,Anjiyo shell,
analysis : http://www.w0rms.com/shell/iranshell.txt
w0rms.com Shell Download – Remote bypass shell – c99 – r57 – Wso shell – WSO – Bypass shell – Hacker shell – Shell | Safe mode bypass shell,Safe shell,Cgi telnet,telnet,r57 shell,c99 shell,Anjiyo shell, BACKDOORED
---------------------------------------------------
Service : film izle, divx film izle, erotik film izle, hd film izle & C99 , r57 , Siyanur5x , WSO shell , Anjiyo shell , Shell download , shell indir , shell yükle , bypass shell | bypass shell,shell download,bypass,linux bypass shell,symlink shell,c99 shell,r57 shell,anjiyo shell,wso shell,wso.php,wso 2.5,wso bypass
analysis : http://podathon.org/shell/c99.txt
film izle, divx film izle, erotik film izle, hd film izle & http://shelldown.wordpress.comBACKDOORED
---------------------------------------------------
Service : www.oco.cc
analysis : www.oco.cc/shell/c99.txt.zip
Decrypted:
www.oco.cc BACKDOORED
---------------------------------------------------
Service : R57 C99 Shell, r57 txt , r57 php shell, c99 txt shell, safe mode pass, bypass shell
analysis : <?php echo getenv("HTTP_HOST"); ?> - c99shell
R57 C99 Shell, r57 txt , r57 php shell, c99 txt shell, safe mode pass, bypass shell BACKDOORED
---------------------------------------------------
Service : www.c99.me :> c99.txt c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell
analysis : http://c99.me/download/r57.php.zip
www.c99.me :> c99.txt c99.php inurl:r57.txt inurl:r57.php inurl:locus.txt inurl:locus.php inurl:c100.txt inurl:c100.php c99.txt, r57.txt, r57 shell, c99 shell, c99, r57, c100,txt, c100 shell BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, r57.info
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, r57.info BACKDOORED
---------------------------------------------------
Service : r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99shelll.com
analysis : Symlink_Sa 3.0
r57, c99, r57 shell, c99 shell, r57.txt, c99.txt, c99shelll.com BACKDOORED
Kaynak : h4x0re Security, Vulnerability Researching, Shellcode, PoC, Exploits, Zeroday, h4 sec: Online Shell Services Backdoor Analysises | 2014
bi ara bunları temizleyip paylaşacağım bende 
