USE ONLY DURING LEGAL AND AUTHORIZED ACTIVITIES, eg Penetration Tests with a legal agreement.
Here some different new versions of wsh. If you upload the war file into the AS, you will see a detailed HELP to use functions like them maximum command life, or the backdoor spawning, and so on…
Use this for all Application Servers except for BEA WebLogic <=8:
- http://www.mediafire.com/file/1jnx0nitomz/wsh-g.alljsp.war (the best version, it should work everywhere)
- http://www.mediafire.com/file/aottmyzidjm/wsh-g.nowebxml.war (if the above shell doesn’t work in you AS)
Use this if you have BEA WebLogic <=8:
I don’t know if they will work, however give it a try… There is a bug in weblogic 8 / 9, and this JSP sometimes doesn’t work.