Wso Shell Aspx

WSO ASPX is the legendary priv8 web shell designed for .NET-based Windows servers. Trusted by red teams, exploit researchers, and pentest professionals for over a decade, this tool delivers full-stack post-exploitation power in one slick interface.

🔥 Features at a Glance

• Command Execution: Multiple command execution engines (cmd.exe, Win32 API, WSH), choose the best bypass for any locked-down environment.
• File Manager: Advanced file & directory browser with full create, upload, edit, download, cut, copy, paste, delete, rename, and permissions control.
• Persistence & Registry: View, edit, and manipulate Windows Registry. Clone file timestamps for anti-forensics, drop persistence easily.
• SQL Management: Execute SQL queries and xp_cmdshell directly over MSSQL, even escalate from db-level access to OS shell.
• Process & User Management: Live process list (WMI, System.Diagnostics), enumerate users, view active sessions, enumerate Windows event logs.
• Network Tools: Integrated port scanner, server variable/environment dump, IIS info spy, and more.
• Clean UI, Multi-language, Obfuscated Code: All-in-one panel, hidden and lightweight, designed to bypass most WAFs and AV solutions.

👽 Typical Workflow

1. Upload WSO ASPX to any writable directory on the target IIS/Windows server.
2. Login with your secret pass (add HTTP authentication for OPSEC).
3. Explore directories, search for sensitive files, download configs, plant persistence, or upload your malware.
4. Escalate: Try all command execution engines—if cmd.exe fails, switch to Win32 API or WSH!
5. Dump users, scan ports, clone or edit files, clear event logs, wipe traces.
6. When finished, delete the shell or overwrite its content from the UI.