进阶
Doughnuts可以做到许多事情,比如...
最后更新于
这有帮助吗?
在通过Doughnuts连接至您的webshell之后,您可以借助Doughnuts完成许多事情。这边来,我会将您引入Doughnuts的国度!
Commands
Description
cls / clear
Clear screen
debug
Open / Close Debug switch
? / help
Output the help document for the command or all help menu
log
(Only for *unix) Write input and output to the log
! / lsh
Run a command on local machine
sw / switch
(for input Non-alphanumeric) Switch input to raw input
proxy
Set proxy for requests
get
Get variable(s), use #{varname} to use it
set
Set variable, use #{varname} to use it
save
Save the configuration of the variable(s) to variables.config
reload
Reload a plugin
q / quit
Quit this program
Commands
Description
s / show
Show log webshells
se / show_encoders
Show available encoders
gen / generate
Generate a webshell using doughnuts encoding
l / load
Load a webshell from log
c / connect
Connect to a webshell
check
Check if each webshell is alive
rm / remove
Remove a webshell log
COMMON
Commands
Description
i / info
Show website information
env / getenv
print PHP environment variables by ini_get
ls / dir
List information about the files
Print disable functions
pwd
Print the name of the current working directory
cd
Change the working directory
SHELL
Commands
Description
bs / bindshell
Bind a port and wait for someone to connect to get a shell
re / reverse
Reverse shell
rs / reshell
(Only for both system is linux) (Testing command) Bind a local port and waiting for target connect back to get a full shell
s / shell
Get a temporary shell of target system by system function or just run a shell command
ws / webshell
Get a webshell of target system or just run a webshell command
exec / execute
Execute custom php code
FILE
Commands
Description
c / cat
Read file/files
w / write
Write file
e / edit
Modify file
u / upload
Upload file
d / download
Download file
mv / move
Rename file or move it to new_file_path
rm / remove
Delete target system file(s)
chmod
(Only for *unix) Changes file mode
t / touch
(Only for *unix) Specify a file whose modification time stamp is the same as a random file in the current directory
dump
Package and compress files in a folder and download it
DETECT
Commands
Description
search
Search file by glob, pattern support . * [...]
fwpf
Search writable php file
DATABASE(MYSQL)
Commands
Description
db_init
Initialize the database connection
db_info
Output database information
db_use
Change current database
db_dbs
Output all databases
db_tables
Output all tables of a database
db_columns
Output all columns of a table
db_shell
Get a temporary sql shell of target system
db_dump
Dump a database to a file
OHTER
Commands
Description
ag / agent
Intranet agent
bobd
(Only for *unix) Try to bypass open_basedir by ini_set and chdir
bdf
Try to bypass disable_functions
ps / portscan
Scan intranet ports
checkvm
Simply check whether the machine is a virtual machine
socks
(Only for *unix) Run a socks5 server on the target system by python