Kumasia is a straightforward PHP backdoor tool designed to assist penetration testers in evaluating the security posture of web applications. It provides a suite of functionalities that allow authorized users to interact with the server environment, upload files, execute commands, and more. This tool is intended solely for ethical hacking and authorized security assessments.
- 🖥️ Webshell Access: Interact with the server's file system and execute commands directly through a web-based interface.
- 📁 File Upload: Upload files to the server, facilitating tasks such as deploying test scripts or resources.
- 💻 Command Execution: Run system commands on the server to assess its behavior and responses under various scenarios.
- 📝 Mass File Creation: Generate multiple files simultaneously, useful for testing the server's file handling capabilities.
- 🔒 CSRF Online: Test Cross-Site Request Forgery vulnerabilities by simulating CSRF attacks.
- ✉️ Fake Mail: Send spoofed emails to evaluate the server's email handling and security measures.
- ⬇️ File Download: Retrieve files from the server to analyze their contents or backup configurations.
- 🛠️ Adminer Integration: Access database management functionalities through Adminer, a lightweight database management tool.
Kumasia boasts a responsive interface, ensuring seamless usability across various devices, including desktops, tablets, and smartphones. This adaptability enhances the user experience, allowing penetration testers to operate efficiently regardless of their device.
⚠️ Important Note:
Use this tool responsibly and exclusively for authorized penetration testing purposes. Unauthorized use of backdoor tools is illegal and unethical.
For individuals new to penetration testing, here's a step-by-step guide on how to utilize Kumasia:
-
📥 Download Kumasia:
Obtain the tool from its official GitHub repository:
https://github.com/RootShelll -
🚀 Deploy to Server:
Upload thekms.phpfile to the target server's web directory. -
🌐 Access via Browser:
Navigate to the uploaded file's URL (e.g.,http://targetsite.com/kms.php) using a web browser. -
🔑 Authenticate:
If prompted, enter the necessary credentials to access the tool's interface.
Credentials:- Username:
admin - Password:
R00t
- Username:
-
🛠️ Utilize Features:
Explore and use the various functionalities, such as webshell access, file upload, and command execution, to conduct your security assessments.
ℹ️ Note:
Always ensure you have explicit permission from the system owner before deploying and using Kumasia on any server.
Kumasia serves as a valuable tool for ethical hackers and security professionals, offering a range of features to assess and enhance the security of web applications. Its user-friendly interface and responsive design make it accessible for both seasoned penetration testers and newcomers to the field.
🔑 Credentials for Admin Access:
- Username:
admin- Password:
R00t