CGI-Telnet Version 1.3

Perl web shell.

Origin

IndoXploit web shell has an action that downloads CGI-Telnet from pastebin.com.

Lots of pastebin pastes of IndoXploit and other similar web shells reference CGI-Telnet.

This might be the original. It shares a lot of code and variable names.

Analysis

It's in Perl. Seems like it uses a lot of Perl features.

Full-featured web shell.

* Upload and download files
* FTP brute force password guesser
* Start a shell on a given TCP port
* Start a "reverse shell" that will contact a TCP port
* Apache log file viewer
* GUI File Manager
* A `/etc/named.conf` examination ("Domains/Users")

The FTP brute force password guesser uses a built-in list of about 55 passwords and all the user IDs from /etc/passwd, and tries them against the compromised machine using the Perl Net::FTP module.
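One way to spot the FTP guesser described above from the defender's side, as an added example that is not part of the original analysis or of CGI-Telnet itself: since the guesses are aimed at the compromised machine, the FTP daemon should log failed logins for many local accounts coming from a loopback address or one of the host's own addresses. The vsftpd-style log format, the thresholds, and all function names are assumptions; the sample log lines are constructed.

```python
import re
from collections import defaultdict

# vsftpd-style login lines (assumed format; adjust the regex for other daemons).
LINE_RE = re.compile(
    r'\[pid \d+\] \[(?P<user>[^\]]+)\] (?P<result>FAIL|OK) LOGIN: '
    r'Client "(?P<ip>[^"]+)"')

# Addresses that count as "this host"; add the server's own IPs via `extra`.
def local_addresses(extra=()):
    return {"127.0.0.1", "::1", "::ffff:127.0.0.1", *extra}

def build_sample():
    """Constructed log: 4 local accounts x 2 failed guesses, then one success."""
    ts = "Mon Mar  4 02:11:01 2024 [pid 4101]"
    lines = [f'{ts} [{u}] FAIL LOGIN: Client "127.0.0.1"'
             for u in ("root", "daemon", "www-data", "alice") for _ in range(2)]
    lines.append(f'{ts} [alice] OK LOGIN: Client "127.0.0.1"')
    lines.append(f'{ts} [bob] FAIL LOGIN: Client "203.0.113.7"')  # remote: ignored
    return "\n".join(lines)

def find_local_guessing(log_text, local_ips, min_users=3, min_failures=6):
    """Flag local source addresses that fail logins across many accounts.

    Returns {ip: {"users": set, "failures": int, "guessed": set}} where
    "guessed" holds accounts that logged in OK after earlier failures.
    """
    stats = defaultdict(lambda: {"users": set(), "failures": 0, "guessed": set()})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["ip"] not in local_ips:
            continue
        s = stats[m["ip"]]
        if m["result"] == "FAIL":
            s["users"].add(m["user"])
            s["failures"] += 1
        elif m["user"] in s["users"]:
            s["guessed"].add(m["user"])
    return {ip: s for ip, s in stats.items()
            if len(s["users"]) >= min_users and s["failures"] >= min_failures}

if __name__ == "__main__":
    for ip, s in find_local_guessing(build_sample(), local_addresses()).items():
        print(ip, s["failures"], "failures across", sorted(s["users"]),
              "guessed:", sorted(s["guessed"]))
```

Any account listed under `guessed` should be treated as having a known password and reset, and a hit on a web server is a reason to look for an unexpected Perl script under the CGI directories.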

CGI-Telnet has a nice "Hacker" esthetic:

b374k-CGI-Telnet screen shot

The front page says "b374k-CGI-Telnet"

* What's CGI-Telnet's relation to the b374k PHP web shell, other than being a download link in b374k? The source for both is full of Indonesian names. CGI-Telnet is a lot less capable than b374k, so I'm not sure what the point is.