WSH is Web-SHell written in Java; it is a web application that acts like a shell (and as a file manager too). It also gives you a way to open a backdoor on the target (if you have special needs).
- http://www.mediafire.com/file/1jnx0nitomz/wsh-g.alljsp.war (the best version)
- http://www.mediafire.com/file/kjnydza2yef/wsh-g.jsp.vbea4.war (BEA WebLogic <=8)
- http://www.mediafire.com/file/hll8bnpc4z4pl6p/wsh-g4jboss.v02.war ONLY FOR JBOSS 4 (tested on 4.0, try wsh-g.alljsp for newer versions)
- http://www.mediafire.com/file/aottmyzidjm/wsh-g.nowebxml.war: this one misses the web.xml descriptor, so it is not fully JEE compliant but sometimes (eg when you have some DTD/SCHEMA resolution error or the server cannot reach internet) this could work, but i found it useful only once with Weblogic 6!
If the app doesn’t show any exception, but you see only a blue background, see HTML code and load each frame separately (wsh is a 2 frame app, the upper one is a shell, the lower is a file manager)
You should deploy it as a common application in the Application Server management console (Tomcat Manager, Weblogic Console, SunAS console, etc…). The application consist in a single web page:
http(s)://[the_server]:[the_server_port]/wsh/ http(s)://[the_server]:[the_server_port]/[name of the archive without the .war extension]/ example: http://10.11.12.13:7001/wsh-g.alljsp/
Ports Disclaimer – if you are on Jboss 7 or Weblogic, administration ports (7001, 9990) are different from “business” ports (8001, 8080); aim for not admin ports.
There are two frames in this page
- The upper one – the “Web Shell“
- The lower one – the “File Manager“
I think it’s very clear what you can do through the lower one: you can navigate the whole filesystem quickly, reading text (and no-text) files… (but do not click or cat a device – you will display the flow of the device content and the whole application will probably hang). If your target is a Windows SO, you should pay attention to a couple of things; please refer to Known Bugs (web/help/known_bugs.txt in the war file) for details.
The upper frame – the web shell – has many functionalities: reading them from left to right:
- The green element shows basic/extended informations about you target
- Shell and Shell Path forms let you choose which shell to use (sh and cmd.exe defaults on *X and Windows).
- Max Execution Time form lets you specify the max time a command can run
- Alias Settings form lets you add command aliases
- Backdoor lest you open a backdoor to simulate a shell
Please remember this is an application written to support ethical hackers – it has many security bugs, and if you find one, i will not fix it. The application is not W3C compliant, not validated against any HTTP DTD/XmlSchema. Always read Known Bugs before using any function