{"id":26933325,"url":"https://github.com/rootshelll/marijuana-web-shell","last_synced_at":"2025-10-08T19:17:13.943Z","repository":{"id":281630366,"uuid":"945881499","full_name":"RootShelll/MARIJUANA-web-shell","owner":"RootShelll","description":"Learn about the MARIJUANA web shell, a PHP-based backdoor with stealth capabilities designed to bypass server security measures. Understand its features, potential risks, and implications for cybersecurity.","archived":false,"fork":false,"pushed_at":"2025-03-10T10:28:25.000Z","size":619,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-10T10:30:03.335Z","etag":null,"topics":["cyber-threats","marijuana","marijuana-shell","marijuana-web-shell","php","php-backdoor","php-shell","php-shell-download","server-security","web-shell","web-shell-features"],"latest_commit_sha":null,"homepage":"https://r00t-shell.com/understanding-the-marijuana-web-shell-features-and-security-implications/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RootShelll.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-10T09:20:54.000Z","updated_at":"2025-03-10T10:28:53.000Z","dependencies_parsed_at":"2025-03-10T10:41:27.472Z","dependency_job_id":null,"html_url":"https://github.com/RootShelll/MARIJUANA-web-shell","commit_stats":null,"previous_names":["rootshelll/marijuana-web-shell"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RootShelll%2FMARIJUANA-web-shell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RootShelll%2FMARIJUANA-web-shell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RootShelll%2FMARIJUANA-web-shell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RootShelll%2FMARIJUANA-web-shell/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RootShelll","download_url":"https://codeload.github.com/RootShelll/MARIJUANA-web-shell/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246785474,"owners_count":20833498,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber-threats","marijuana","marijuana-shell","marijuana-web-shell","php","php-backdoor","php-shell","php-shell-download","server-security","web-shell","web-shell-features"],"created_at":"2025-04-02T09:18:38.068Z","updated_at":"2025-10-08T19:17:08.895Z","avatar_url":"https://github.com/RootShelll.png","language":"PHP","readme":"# Understanding the MARIJUANA Web Shell: Features and Security Implications\n\nThe **MARIJUANA web shell** is a backdoor tool developed in PHP with stealth capabilities designed to bypass server security measures. Each function within this web shell is encoded in hexadecimal format to evade Web Application Firewalls (WAFs).\n\n![MARIJUANA Web Shell](https://raw.githubusercontent.com/RootShelll/MARIJUANA-web-shell/refs/heads/main/MARIJUANA.png) \u003c!-- Replace with the actual image URL --\u003e\n\n\u003e **Warning:**  \n\u003e The use of web shells like MARIJUANA poses significant security risks. Unauthorized deployment can lead to severe legal and ethical consequences. ⚠️\n\n## Key Features of the MARIJUANA Web Shell\n\n- **No URL Reload (AJAX):** Enhances user experience by updating content without refreshing the page.\n- **Bypass Forbidden:** Allows access to restricted directories or files.\n- **Multiple File Upload (Auto Submit):** Facilitates the uploading of multiple files simultaneously.\n- **Unzip Functionality:** Enables decompression of ZIP archives directly on the server.\n- **Non-Empty Directory Removal:** Permits deletion of directories regardless of their content.\n- **HTTP Requests:** Supports sending HTTP requests to other servers.\n- **File Download:** Allows downloading of files from the server.\n- **Rename Function:** Enables renaming of files or directories.\n- **Base64 Encode/Decode (AJAX):** Provides encoding and decoding of data in Base64 format.\n- **CHMOD:** Allows modification of file or directory permissions.\n- **Change Timestamp:** Enables alteration of file or directory timestamps.\n- **Create New File and Directory:** Facilitates creation of new files or directories on the server.\n\n## Potential Risks and Security Concerns\n\nWhile tools like the MARIJUANA web shell offer functionalities that can be used for legitimate purposes, they are often associated with malicious activities, including unauthorized server access, data theft, and server compromise. \n\n\u003e **Note:**  \n\u003e It's crucial to ensure that your server is secured against unauthorized access and that any tools or scripts used are from trusted sources. ℹ️\n\n## Indicators of Compromise (IoCs)\n\nSecurity agencies have identified certain indicators associated with malicious deployments of web shells like MARIJUANA.\n\n## Protective Measures\n\nTo safeguard your server against potential threats posed by web shells:\n\n- Regularly update and patch your server software to address known vulnerabilities.\n- Implement robust authentication mechanisms to prevent unauthorized access.\n- Monitor server logs for unusual activities that could indicate a security breach.\n- Utilize security tools that can detect and block malicious scripts or backdoors.\n\n\u003e **Disclaimer:**  \n\u003e This information is provided for educational purposes only. Unauthorized use of web shells can lead to severe legal consequences. ⚠️\n\n## Example Code\n\nYou can copy the following code to implement certain functions:\n\n```php\n// Example PHP Code for MARIJUANA Web Shell\necho \"Hello, World!\";\n```\n\n\u003e **Important:**  \n\u003e Be cautious when using or deploying any web shell as it can result in serious legal issues.\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frootshelll%2Fmarijuana-web-shell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frootshelll%2Fmarijuana-web-shell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frootshelll%2Fmarijuana-web-shell/lists"}