Posted
about 1 year
ago
by
Emmanuel Saracco
* Zombies:
- Fixed some issues with IE.
- Added the use of hidden iframe to spy user navigation. This
feature does not work yet with IE, so it can be enabled/disabled
using the ZOMBIE_USE_HIDDEN_IFRAME constant.
*
... [More]
File browser:
- Added display options (to filter hidden files, directories,
symlinks or files)
- Colors enhancement.
- Sort enhancement (same sort, whatever browse method is used). [Less]
Posted
about 1 year
ago
by
Emmanuel Saracco
* Zombies:
- Menu reorganization.
- Added a "Control center". It is now possible to ping hosts with
the zombie (so you can bypass firewall etc.). For the moment hosts
must have port 80 open to appear alive.
... [More]
- Fixed some bad display logic with javascript code.
- Added "Delete" menu.
- Added "Reset" and "Add separator" menu to keylogger viewer.
- Very first steps for "Zombies" management (based on BeEF ideas).
* Other:
- Better safe mode handling.
- Better recursive idirectory deletion.
- Launcher code cleaning.
- Some README/INSTALL update.
- Now the use of the "launcher.html" file is required to open PRS
shell. All GET access will result on a "404 Not Found" HTTP
error. Just open this file with your Web browser and click the
"Launch" button. [Less]
Posted
about 1 year
ago
by
Emmanuel Saracco
* Zombies:
- Menu reorganization.
- Added a "Control center". It is now possible to ping hosts with
the zombie (so you can bypass firewall etc.). For the moment hosts
must have port 80 open to appear alive.
- Fixed
... [More]
some bad display logic with javascript code.
- Added "Delete" menu.
- Added "Reset" and "Add separator" menu to keylogger viewer.
- Very first steps for "Zombies" management (based on BeEF ideas).
* Other:
- Better safe mode handling.
- Better recursive idirectory deletion.
- Launcher code cleaning.
- Some README/INSTALL update.
- Now the use of the "launcher.html" file is required to open PRS
shell. All GET access will result on a "404 Not Found" HTTP
error. Just open this file with your Web browser and click the
"Launch" button. [Less]
Posted
about 1 year
ago
by
Emmanuel Saracco
* Zombies:
- Menu reorganization.
- Added a "Control center". It is now possible to ping hosts with
the zombie (so you can bypass firewall etc.). For the moment hosts
must have port 80 open to appear alive.
- Fixed
... [More]
some bad display logic with javascript code.
- Added "Delete" menu.
- Added "Reset" and "Add separator" menu to keylogger viewer.
- Very first steps for "Zombies" management (based on BeEF ideas).
* Other:
- Better safe mode handling.
- Better recursive idirectory deletion.
- Launcher code cleaning.
- Some README/INSTALL update.
- Now the use of the "launcher.html" file is required to open PRS
shell. All GET access will result on a "404 Not Found" HTTP
error. Just open this file with your Web browser and click the
"Launch" button. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* Encryption:
- PRS is now able to encrypt/decrypt itself on request. What you
have to do is just encrypt it with a secret key (using tools
available in the "encryption/" directory), put the encrypted
... [More]
file on a remote server and request it by passing it your secret
key using HTML POST method (see the "post.html" file). It is
a ugly/lame/experimental feature, so take it as a PoC and play
with it :-) Do not hesitate to send me ideas or patches!
* Self-recovery:
- PRS can now host itself in another PHP script on the server to
be able to self-restore itself at script execution time. Noisy
game though, so think twice before playing it :-)
* Crontab:
- Added crontab management when available.
* PHP:
- Now take in account "open_basedir" PHP configuration variable.
- PHP Exec* functions wrapper debug and optimization.
* Other:
- Now take in account the safe mode's variable "safe_mode_exec_dir".
- Added some information at the page top (exec method, FS
exploration method, PHP safe mode, storage method (cookies/script)).
- Again some fixes for runtime magic quotes.
- Some file size calculation fixes (when "filesize()" function is
disabled).
- Code cleaning. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* Encryption:
- PRS is now able to encrypt/decrypt itself on request. What you
have to do is just encrypt it with a secret key (using tools
available in the "encryption/" directory), put the encrypted
file on a
... [More]
remote server and request it by passing it your secret
key using HTML POST method (see the "post.html" file). It is
a ugly/lame/experimental feature, so take it as a PoC and play
with it :-) Do not hesitate to send me ideas or patches!
* Self-recovery:
- PRS can now host itself in another PHP script on the server to
be able to self-restore itself at script execution time. Noisy
game though, so think twice before playing it :-)
* Crontab:
- Added crontab management when available.
* PHP:
- Now take in account "open_basedir" PHP configuration variable.
- PHP Exec* functions wrapper debug and optimization.
* Other:
- Now take in account the safe mode's variable "safe_mode_exec_dir".
- Added some information at the page top (exec method, FS
exploration method, PHP safe mode, storage method (cookies/script)).
- Again some fixes for runtime magic quotes.
- Some file size calculation fixes (when "filesize()" function is
disabled).
- Code cleaning. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* Encryption:
- PRS is now able to encrypt/decrypt itself on request. What you
have to do is just encrypt it with a secret key (using tools
available in the "encryption/" directory), put the encrypted
file on a
... [More]
remote server and request it by passing it your secret
key using HTML POST method (see the "post.html" file). It is
a ugly/lame/experimental feature, so take it as a PoC and play
with it :-) Do not hesitate to send me ideas or patches!
* Self-recovery:
- PRS can now host itself in another PHP script on the server to
be able to self-restore itself at script execution time. Noisy
game though, so think twice before playing it :-)
* Crontab:
- Added crontab management when available.
* PHP:
- Now take in account "open_basedir" PHP configuration variable.
- PHP Exec* functions wrapper debug and optimization.
* Other:
- Now take in account the safe mode's variable "safe_mode_exec_dir".
- Added some information at the page top (exec method, FS
exploration method, PHP safe mode, storage method (cookies/script)).
- Again some fixes for runtime magic quotes.
- Some file size calculation fixes (when "filesize()" function is
disabled).
- Code cleaning. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* PHP:
- Now use "proc_open()" when "popen()" is not available.
* Other:
- Fixed a typo that broke download functionality.
- It is now possible to force file saving and deletion, even if
PRS think that
... [More]
file can not saved or deleted.
- PRS is now able of self-modify itself to save dynamic data in
its own file. If it fail (ie. bad PRS file rights) it use
traditional cookie method.
- Safer read/write file functions.
- Code cleaning and minor enhancements. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* PHP:
- Now use "proc_open()" when "popen()" is not available.
* Other:
- Fixed a typo that broke download functionality.
- It is now possible to force file saving and deletion, even if
... [More]
PRS think that file can not saved or deleted.
- PRS is now able of self-modify itself to save dynamic data in
its own file. If it fail (ie. bad PRS file rights) it use
traditional cookie method.
- Safer read/write file functions.
- Code cleaning and minor enhancements. [Less]
Posted
over 2 years
ago
by
Emmanuel Saracco
* Popups:
- Fixed a problem on popup closure with IE.
* PHP:
- Fixed a problem with magic quotes.
* Menus:
- Added a "Remove me!" menu item. It just remove the
... [More]
prs.php script
from the server.
* File browser:
- Better download handling in safe mode.
- It is now possible to force file edition, even if PRS think that
it can not be viewed.
- Fixed a problem with directories deletion when "opendir()"
function is not available (use "glob()" instead).
- Better browse mode detection management.
- Added bookmarks management for directory location.
- It is now possible to visualize images found on the server.
- Try to use "glob()" if "opendir()"/"readdir()" or "ls" system
command are not available.
- A lot of improvments on directories/files display.
- Fixed a problem with sticky directories.
- Fixed a problem with recursive directories deletion.
- Fixed a problem with especially crafted directories names.
- Added "Create directory" menu. User can now create directories.
- Files with appropriate rights can be fully edited. PRS will try to
preserve original timestamp if Web user is the same as file owner.
* Other:
- Fixed problem with HTML output.
- When in safe mode, we try to display "phpinfo()" output in the
"Remote information" section.
- Code cleaning. [Less]