Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/waived/waive-shell
DoS shell in PHP --- Methods: UDP, TCP, HTTP, and TLS exhaustion
https://github.com/waived/waive-shell
ddos ddos-attack distributed-denial-of-service-attack phpbackdoor phpshell webshell webshells
Last synced: about 1 month ago
JSON representation
DoS shell in PHP --- Methods: UDP, TCP, HTTP, and TLS exhaustion
- Host: GitHub
- URL: https://github.com/waived/waive-shell
- Owner: waived
- Created: 2024-06-12T20:55:10.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-09-16T05:00:32.000Z (3 months ago)
- Last Synced: 2024-09-16T06:27:25.156Z (3 months ago)
- Topics: ddos, ddos-attack, distributed-denial-of-service-attack, phpbackdoor, phpshell, webshell, webshells
- Language: PHP
- Homepage:
- Size: 202 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.txt
Awesome Lists containing this project
README
WAIVE SHELL:
This is a Denial-of-Service shell coded in PHP. It supports UDP, TCP, TLS, and HTTP floods. WaiveShell has a
clickable interface and also supports direct API calls via HTTP-GET. The layer-4 attack vectors have dynamic
data buffers, ranging from 1000 to 1200 bytes per packet (which can be modified). The TLS exhaustion attack
is of a fixed-length, however the data buffer is dynamic as the byte-padding is randomized per each packet.This shell is NOT obfuscated!
Use ChatGPT (https://chatgpt.com/) or other proprietary software for a custom obfuscation to be applied.Shells are uploaded to hacked websites via RFI, LFI, SQL Injection, etc.
WaiveShell takes four parameters: TYPE, HOST, PORT, and TIME
---- TYPE: the type is specified by "udp", "tcp", "tls" or "http"
---- HOST: WaiveShell accepts either an IP address of a Domain Name. Do NOT enter a complete URL!
---- PORT: ports range from 1 to 65,535. Ensure your endpoint has the specified port open before attacking.
For the TLS attack, the default HTTPS port is 443 and should be used unless an alternate HTTPS
port is being used, ex: port 8080 https-proxy
---- TIME: the duration in seconds for the attack to run. Once WaiveShell is executed, the attacks cannot
be aborted!Example: http://www.vulnerable.com/files/waiveshell.php?type=udp&host=www.example.com&port=80&time=300
NOTE:
All attack-traffic has been confirmed via Wireshark. Payloads structure correct and not malformed, etc.