From 08a95e61f042acdac1bcf109785a5100d838040e Mon Sep 17 00:00:00 2001
From: Thibault Koechlin <orixxx@gmail.com>
Date: Wed, 23 Oct 2024 16:07:24 +0200
Subject: [PATCH 1/2] add CVE-2021-33044

---
 web/trendy_cves.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/trendy_cves.txt b/web/trendy_cves.txt
index 1060ffe..a1b6688 100644
--- a/web/trendy_cves.txt
+++ b/web/trendy_cves.txt
@@ -21,3 +21,5 @@
 /guestaccess.aspx
 #CVE-2024-0769
 /hedwig.cgi
+#CVE-2021-33044
+/rpc2_login
\ No newline at end of file

From 50d8a809db992453977aed85a9daaea846309923 Mon Sep 17 00:00:00 2001
From: Thibault Koechlin <orixxx@gmail.com>
Date: Wed, 23 Oct 2024 16:22:17 +0200
Subject: [PATCH 2/2] added a few backdoors, sorted lines

---
 web/backdoors.txt | 274 ++++++++++++++++++++++++----------------------
 1 file changed, 143 insertions(+), 131 deletions(-)

diff --git a/web/backdoors.txt b/web/backdoors.txt
index 26c2268..bf59665 100644
--- a/web/backdoors.txt
+++ b/web/backdoors.txt
@@ -1,193 +1,205 @@
-c99.php
-c99shell.php
-r57.php
-r58.php
-dra.php
-r00t.php
-root.php
-mma.php
-filesman.php
-Locus7s.php
-c99-Ultimate.php
-c100.php
-Ekin0x.php
-hacker.php
-safe0ver.php
-sniper.php
-spyshell.php
-CWShellDumper.php
-angel.php
-dq.php
-cmd.php
-liz0zim.php
-simattacker.php
-tryag.php
+1337.php
 150.php
-Ani-Shell.php
-Crystal.php
-Dx.php
-FaTaLisTiCz_Fx.php
-G5.php
-NCC-Shell.php
-NetworkFileManagerPHP.php
-PHANTASMA.php
-PHPJackal.php
-PHPRemoteView.php
-PHPSPY.php
-Php_Backdoor.txt.php
-Private-i3lue.php
-SnIpEr_SA Shell.php
-upl0ader.php
+3fexe.asp
 acid.php
+Ajax_PHP_Command_Shell.php
+AK-74.php
+alfa-rex.php
+alfa-rex.php56
+alfa3.php
+andela.php
+angel.php
+Ani-Shell.php
+Antichat_Shell.php
 antichat.php
-shell.php
-udp.php
-ddos.php
+aspxSH.asp
+aspxshell.aspx
+ASpy.asp
+aspydrv.asp
+aspydrv.php
+Ayyildiz_Tim.php
+aZRaiLPhp_v1.0.php
 b37.php
 backupsql.php
 bdotw44shell.php
+bloodsecv4.php
+browser.jsp
 bug.php
+bypass.php
+c.php
+c100.php
 c37.php
 c66.php
-c99-shadows-mod.php
-c99_PSych0.php
 c99_locus7s.php
 c99_madnet.php
+c99_PSych0.php
 c99_w4cking.php
+c99-shadows-mod.php
+c99-Ultimate.php
+c99.php
 c99madshell.php
+c99shell.php
 c99ud.php
 c99unlimited.php
 c99v2.php
+CasuS-1.5.php
 cbfphpsh.php
+cgitelnet.php
+cgitelnet.pl
 cihshell_fix.php
+cmd_win32.jsp
+cmd.asp
+cmd.aspx
+cmd.jsp
+cmd.php
+cmd.pl
+cmdexec.aspx
 co.php
+configkillerionkros.php
 connect-back.php
 cpg_143_incl_xpl.php
+Crystal.php
+CrystalShell.php
+css.php
 ctt_sh.php
+CWShellDumper.php
 cybershell.php
+dc.pl
+dC3_Security.php
+ddos.php
+Dive_Shell.php
+dq.php
+dra.php
+DTool_Pro.php
+Dx.php
+ee.php
+EFSO.asp
 egy.php
+Ekin0x.php
+elmaliseker.asp
 erne.php
+eval-stdin.php
 ex0shell.php
+FaTaLisTiCz_Fx.php
+filesman.php
+filesystembrowser.aspx
+fileupload.aspx
+g00nshell-v1.3.php
 g00nv13.php
+G5.php
+Gamma_Web_Shell.php
+GRP_WebShell.php
+hacker.php
 hkrkoz.php
+indosec.php
+irc.pl
 ironshell.php
 isko.php
 iskorpitx.php
 itsecteam_shell.php
-locus.php
-log.php
-simple_cmd.php
-zacosmall.php
-weevely.php
-AK-74.php
-Ajax_PHP_Command_Shell.php
-Antichat_Shell.php
-Ayyildiz_Tim.php
-CasuS-1.5.php
-CrystalShell.php
-DTool_Pro.php
-Dive_Shell.php
-GRP_WebShell.php
-Gamma_Web_Shell.php
+jspbd.jsp
+jspshell.jsp
+jspShell.jsp
+JspWebshell 1.2.jsp
 JspWebshell_1.2.php
 KA_uShell_0.1.6.php
+kral.php
+lifkaS.php
+list.jsp
+list.pl
+liz0zim.php
 Loaderz_WEB_Shell.php
+locus.php
+Locus7s.php
+log.php
+lolipop.php
+lostDC.php
 Mackers_Private_Shell.php
+matamu.php
+megabor.php
+mma.php
 Moroccan_Spamers.php
 MyShell.php
+NCC-Shell.php
+NetworkFileManagerPHP.php
 NGH.php
-NTDaddy_v1.9.php
 Non-alphanumeric.php
+NTDaddy_v1.9.php
+ntdaddy.asp
+obfuscated-punknopass.php
+PerlWebShellbyRST-GHC.pl
+PHANTASMA.php
+Php_Backdoor.txt.php
 PHP_Shell.php
-PHVayv.php
+php-backdoor.php
+pHpINJ.php
+PHPJackal.php
+PHPRemoteView.php
 PhpSpy.php
+PHPSPY.php
+PHVayv.php
 Predator.php
-Rootshell.v.1.0.php
-STNC_WebShell_v0.8.php
-Safe0ver_Shell.php
-Safe_Mode_Bypass.php
-SimShell.php
-Simple_PHP_backdoor.php
-Sincap_1.0.php
-Small_Web_Shell.php
-WinX_Shell.php
-Worse_Linux_Shell.php
-ZyklonShell.php
-aZRaiLPhp_v1.0.php
-alfa3.php
-andela.php
-aspydrv.php
-bloodsecv4.php
-cgitelnet.php
-configkillerionkros.php
-dC3_Security.php
-g00nshell-v1.3.php
-jspshell.jsp
-kral.php
-lifkaS.php
-lolipop.php
-lostDC.php
-matamu.php
-megabor.php
-obfuscated-punknopass.php
-pHpINJ.php
-php-backdoor.php
+Private-i3lue.php
 punk-nopass.php
 punkholic.php
 pws.php
+pws.pl
 qsd-backdoor.php
+r00t.php
+r57.php
+r58.php
+RemExp.asp
+root.php
+Rootshell.v.1.0.php
 ru24_post_sh.php
 s72_Shell.php
+Safe_Mode_Bypass.php
+Safe0ver_Shell.php
+safe0ver.php
+sh3llx.php
+shell.php
+simattacker.php
+simple_cmd.php
+Simple_PHP_backdoor.php
 simple-backdoor.php
+SimShell.php
+Sincap_1.0.php
+Small_Web_Shell.php
 smevk.php
+SnIpEr_SA Shell.php
+sniper.php
 soldierofallah.php
 sosyete.php
-spygrup.php
-stres.php
-wso2.8.5.php
-zehir4.php
-cgitelnet.pl
-cmd.pl
-dc.pl
-list.pl
-up.pl
-wewo.pl
-irc.pl
-pws.pl
-PerlWebShellbyRST-GHC.pl
-JspWebshell 1.2.jsp
-browser.jsp
-cmd.jsp
-cmd_win32.jsp
-jspShell.jsp
-jspbd.jsp
-list.jsp
-up.jsp
-up_win32.jsp
-3fexe.asp
-ASpy.asp
-EFSO.asp
-RemExp.asp
-aspxSH.asp
-aspxshell.aspx
-aspydrv.asp
-cmd.asp
-cmd.aspx
-cmdexec.aspx
-elmaliseker.asp
-filesystembrowser.aspx
-fileupload.aspx
-ntdaddy.asp
 spexec.aspx
+spygrup.php
+spyshell.php
 sql.aspx
+STNC_WebShell_v0.8.php
+stres.php
 tool.asp
 toolaspshell.asp
+tryag.php
+udp.php
+up_win32.jsp
 up.asp
+up.jsp
+up.pl
+upfile.php
+upl0ader.php
+weevely.php
+wewo.pl
+WinX_Shell.php
+Worse_Linux_Shell.php
+wp-term.php
+ws.php
+wso2.8.5.php
+xleet-shell.php
+xleet.php
+xx.php
+zacosmall.php
 zehir.asp
 zehir.aspx
 zehir4.asp
 zehir4.aspx
-xleet.php
-xleet-shell.php
-sh3llx.php
-eval-stdin.php
+zehir4.php
+ZyklonShell.php