Google dork “Index of /sh3llZ” allows you to find shell uploaded by hackers

Usually hackers upload shell to victim’s site using the vulnerability in that website. Shell allows hackers to hack/deface the website. Sometimes hackers left the shell in the vulnerable sites.  Here is simple google search allows you to find a shell uploaded by hackers.

Use one of the following google dork to find the shell:

  • intitle:index of/sh3llZ
  • “Index of /sh3llZ”
  • “/sh3llZ/uploadshell/uploadshell.php”

This will show the list of sites that has a sh3llZ folder. Probably, there will be link to c99 shell.  If you click the link, it will land you in a shell page. Using that shell, you can upload your own shells or deface the sites.