![[Image: KYM3txE.gif]](https://i.imgur.com/KYM3txE.gif)
![[Image: 90aVhZO.gif]](https://i.imgur.com/90aVhZO.gif)
![[Image: r39nvLV.png]](https://i.imgur.com/r39nvLV.png)
Disclaimer:Hacking is illegal. I take no responsibility what you do with this information. For educational purposes only.
LEGENDS SHELL:
A portable <.php> website hacking tool box packed with some useful tools and shells to help you hack more websites.
![[Image: sCtYH34.jpg]](https://i.imgur.com/sCtYH34.jpg)
A portable <.php> website hacking tool box packed with some useful tools and shells to help you hack more websites.
>Just upload it like you would any php shell.
>Login
>Import Tools
>Execute
>Login
>Import Tools
>Execute
►Featured Tools & Shells:
![[Image: 9kq9HfM.jpg]](https://i.imgur.com/9kq9HfM.jpg)
(¯`·._.·-
TOOLS·._.·´¯)
TOOLS·._.·´¯)- • Login Page:
![[Image: i6wcTUB.jpg]](https://i.imgur.com/i6wcTUB.jpg)
Just in case someone comes across this through a public directory.
- • Admin Page Finder:
![[Image: eOS4FbF.jpg]](https://i.imgur.com/eOS4FbF.jpg)
This tool is used to scan for administration panels.
- • BING Dork Scanner:
![[Image: uGMU1L2.jpg]](https://i.imgur.com/uGMU1L2.jpg)
This tool is used to scan dorks on BING search engine for any SQLi vulnerabilities.
- • CMS Sacnner:
![[Image: kZ9XW27.jpg]](https://i.imgur.com/kZ9XW27.jpg)
This tool scans a target for installed plugins and gives you a exploit-db link for that vulnerable plugin.
- • LFI Scanner:
![[Image: uGKBW4x.jpg]](https://i.imgur.com/uGKBW4x.jpg)
This tool scans a target for any LFI vulnerabilities then let’s you inject different payloads.
- • myBB Scanner:
![[Image: l6tF87r.jpg]](https://i.imgur.com/l6tF87r.jpg)
This tool let’s you scan a mybb target for 21 known vulnerabilities.
- • Prestashop Exploiter:
![[Image: yKV8pLJ.jpg]](https://i.imgur.com/yKV8pLJ.jpg)
- • Revslider Scanner:
![[Image: rn5TObK.jpg]](https://i.imgur.com/rn5TObK.jpg)
This tool let’s you scan multiple WordPress sites at once for the vulnerable revslider plugin, then helps you exploit it.
- • Vuln Scan:
![[Image: Ob3z8eL.jpg]](https://i.imgur.com/Ob3z8eL.jpg)
This tool let’s you somewhat scan multiple websites/IP for vulnerabilities, then displays results to go through manually.
- • Vuln Inject:
![[Image: 7FKVj.jpg]](https://i.imgur.com/7FKVj.jpg)
This tool has several features but the one that stands out the most is the Error based & Union SQLi injector.
- • Host Scan:
![[Image: aNtSvC3.jpg]](https://i.imgur.com/aNtSvC3.jpg)
This tool let’s you scan any host, then displays the results.
- • Reverse IP:
![[Image: IvjUIFQ.jpg]](https://i.imgur.com/IvjUIFQ.jpg)
This tool let’s you scan a server/IP for any other websites that are being hosted on the same server.
- • Ddoss3r:
![[Image: LwvFAZE.jpg]](https://i.imgur.com/LwvFAZE.jpg)
This tool uses multiple ddosing methods to kill target.
- • Inbox Mailer -Gmail:
![[Image: Lr1Yvnt.jpg]](https://i.imgur.com/Lr1Yvnt.jpg)
This tool let’s you bomb/spam any Gmail ‘inbox’.
- • Spoof Mailer:
![[Image: uwK06pd.jpg]](https://i.imgur.com/uwK06pd.jpg)
This tool let’s you spoof your outging email address. ex:<support@facebook.com>
- (¯`·._.·-
SHELLS·._.·´¯)
- • 404 Shell:
Spoiler (Click to Hide)
![[Image: VWuSuYV.jpg]](https://i.imgur.com/VWuSuYV.jpg)
This shell has a hidden login feature for better stealth.
- • Mini Shell:
![[Image: 0kiJNL2.jpg]](https://i.imgur.com/0kiJNL2.jpg)
This shell is small in size making it easier to upload when other shells won’t load.
- • Obfuscated Shell:
![[Image: LtAPO8w.jpg]](https://i.imgur.com/LtAPO8w.jpg)
Some servers will detect the malicious code within your shell preventing a successful upload. Sometimes you can bypass this by obfuscating the souce code.
- • Symlink Shell:
![[Image: kJGoGjN.jpg]](https://i.imgur.com/kJGoGjN.jpg)
This shell will automatically symlink to any other websites being hosted on the server if /var/named or etc/named.conf is accessible.
- • CGI Shell:
![[Image: XoRE4IN.jpg]](https://i.imgur.com/XoRE4IN.jpg)
If .php extensions are blocked/disabled, you can try to use a cgi shell.
- • IndoXploit Shell:
This shell has many unique features, but the ones that stands out the most are…
• Configuration Grabber:
![[Image: fwwxCe6.jpg]](https://i.imgur.com/fwwxCe6.jpg)
![[Image: BFbojaV.jpg]](https://i.imgur.com/BFbojaV.jpg)
Will check a compromised server for any other sites being hosted then exploit them if /var/named or etc/named.conf is accessible.
Will check a compromised server for any other sites being hosted then exploit them if /var/named or etc/named.conf is accessible.
• cPanel Crack:
![[Image: ZIQ2hGw.jpg]](https://i.imgur.com/ZIQ2hGw.jpg)
Will attempt to crack any cPanels being hosted on a compromised server.
Will attempt to crack any cPanels being hosted on a compromised server.
• SMTP Grabber:
![[Image: gKCgJpw.jpg]](https://i.imgur.com/gKCgJpw.jpg)
Will attempt to crack any smtp account hosted on a compromised server.• RDP Shell:
![[Image: Q7rc1pq.jpg]](https://i.imgur.com/Q7rc1pq.jpg)
![[Image: AduOMlb.jpg]](https://i.imgur.com/AduOMlb.jpg)
Will attempt to create an RPD account on a Windows server.
Will attempt to crack any smtp account hosted on a compromised server.• RDP Shell:
Will attempt to create an RPD account on a Windows server.
- • Adminer -MySQL Manager:
![[Image: gRwISvH.jpg]](https://i.imgur.com/gRwISvH.jpg)
Legends Shell:
https://ghostbin.com/paste/r8k3osuk
Ghostbin Password: legends4lyfe
https://ghostbin.com/paste/r8k3osuk
Ghostbin Password: legends4lyfe
Shell Passwords:
Legends Shell = opensaysme
404 shell = playtime2
IndoXploit Shell = IndoXploit
Legends Shell = opensaysme
404 shell = playtime2
IndoXploit Shell = IndoXploit
Posts
download link not found. Please update it. thank u
ReplyDeleteUpdate link please
ReplyDeletePlease update the link
ReplyDelete