AntSword pursues the
free, flexible, highly extendible config of shells, which can make shells more powerful and colorful.
The basic config of shells includes basic information only. Connectivity of shell can encounter errors if you has wrong config.
Every network package will be sent to this URL.
This means password to webshell you want to connect.
You will get messy codes if encoder isn't chosen correctly.
Character encoding is
cmd(only for Chinese users).
ANSIis used by some files. However some source files could be edited by using
If you have messy characters, please solve it according the table below:
|Shell Character encoding||Windows XP/7/8/Server 2003 Chinese Version||Windows 10 Chinese Version||*nix|
Korean（Euc-KR），Japanese（Euc-JP or Shift_JIS）
Notice: You have to clear cache manually after chaning the encoder.
You can choose
If you choose use
CUSTOM, please make sure that the server can interpret your scripts. Reference ==> HERE
Users can write your own shells. More details.Develop Custom Webshells
Encoders are one of main cores of AntSword, which can be used to encryption of connectivity between AntSword and server webshells.
You may get an amazing advantage when you are trying to connect to servers behind firewalls.
This will transfer plain data without using any encoders. HIGHLY NOT RECOMMENDED. Special characters will get escaped, which may result in errors.
AntSword will pick up encoders randomly to connect.
AntSword will use base64 to encode. HIGHLY NOT RECOMMENDED. This feature has already been marked by WAF.
AntSword will use
chrfunction in PHP to communicate. (Only in PHP). RECOMMENDED
AntSword will transform data into hex to communicate in
Examples of cutomizeable encoder: (ONLY IN ASP) you have to use it with asp_eval_xxxxdog.asp. RECOMMENDED
You may use classical cryptography, DES, AES or others to transfer data. Please see more details in Encoder Development
Sometimes you may want to customize HTTP headers, such as Cookie, User-Agent and etc. or just adding some specific data into your POST. At this time you need 「HTTP Setting」.
This section is about filling in value for HTTP.
AntSword 2.0 dev
AntSword 2.0 dev
If more than one value is needed in HTTP header, please add 「[+]Header」.
This section is config for HTTP body.
Namefor Key in POST.
Valuefor value of Key.
If more than one value is needed in HTTP body, please add 「[+]Body」.
- Ignore HTTPS Certificate
Communication will fail if certificates in server is not trusted or expired. You should open this up to ignore check of HTTPS.
Cache For Terminal
The result won't be saved to cache by default when using terminal.You can set this up to make sure cache will be cached if your Connectivity is poor.
Cache will be used directly if commands you are going to execute. (NOT RECOMMEND TO OPEN)
Set up the timeout for HTTP. The unit is
10000msis setted by default. Please customize according to your own network situation.
Customize path of executing the terminal
The default path for terminal is:
cmd. Please set up according to your own situation.
Absolute pathis RECOMMENDED.