Spade Mini Shell – the easiest to use shell ever ! 😂🤣

Spade Mini Shell – the easiest to use shell ever ! 😂🤣

During a regular anaysis of a WordPress website for a new user I’ve noticed a file named wp-blogs.php in the public_html folder.

As an experienced WordPress user, the name itself drew attention, as I do not recall ever seeing a file called wp-blogs.php in WordPress core.

After opening the file it’s obvious that it is NOT part of WordPress CMS.

Source code of the Spade Mini Shell
Source code of the Spade Mini Shell

Same as the LeafMailer PHP Script or the WSO Shell – this script is NOT detected by ConfigServer eXploit Scanner (cxs) but Imunify360 DOES detect it!

The script itself doesn’t even deserve to be called a web shell as it provides no option to execute any arbitrary commands.

It provides a pretty basic file manager and some server information, but that’s pretty much it.

File manager of the Spade Mini Shell
File manager of the Spade Mini Shell

A notable feature is the Kill Me link which tries to remove the script itself and prints a message Sayonara Suckers!

File editor is also spartan:

File Editor from the Spade Mini Shell
File Editor from the Spade Mini Shell

System information page gives a lot of usefull information:

System information from Spade Mini Shell
System information from Spade Mini Shell

A lot of links in the code are loaded from the now-expired domain name xbox.nu which at the time when this script was uploaded looked like this:

Screenshot of the xbox.nu website on 18.07.02017 from the WebArchive
Screenshot of the xbox.nu website on 18.07.02017 from the WebArchive
whoami
Stefan Pejcic
Join the discussion

I enjoy constructive responses and professional comments to my posts, and invite anyone to comment or link to my site.