I was in need of some web shells for some security research I was conducting. I found w0rms.com which has a nice selection of shells that can be downloaded to accomodate my need to test some malicious PHP code in my application.
As expected every shell on w0rms.com is backdoored (backdoor the backdoors eh?).
This means that when a bad actor uses a malicious web shell that was posted on w0rms.com the location of that shell is sent to the owners of w0rms.com. From here the owners of w0rms.com likely automatically upload additional malicious code. This is very common and clearly points out that there is no honor among script kiddies.
I hope that they sanitize their input and check that it’s actually a valid URL 🙂
$ while true; do curl -A butts http://w0rms.com/oku/kaydet.php?a=$RANDOM; done