Skip to content
Quick and simple way to encrypt your code via OpenSSL with a key size of 16, 24 or 32 to protect your code from being seen
PHP
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
encrypted-web-shell.php
web-shell.txt

README.md

Encrypted Web Shell

A quick and simple way to protect your PHP code with the OpenSSL library using AES-256-CBC.

Description

This code uses the OpenSSL library to encrypt raw PHP code (without "", as it is executed via eval). It then executes the code after decrypting it. This can potentially aid in the obfuscation (and potentially unrecoverable) of your code, whether its shell, penetration testing or remote management and systems administration.

The key item to note here is that the key can be delivered to decrypt + run the code via a http POST, instead of a GET. What does this mean? It means that the key you pass to decrypt will be harder to capture and utilize by monitoring parties or via standard apache / nginx access logs. GETs are usually logged, but POSTs are not usually logged without additional custom modules or configuration directives.

This might be more ideal than using the more common base64_encoding which is very simple and trivial to decrypt.

Instructions

  1. Load your code into a text file, read the contents of the file via file_get_contents and use the encrypt function to encrypt it with a strong key.
  2. Delete the file and the file_get_contents (save your key)
  3. Paste the encrypted code into the $code variable
  4. Run the file and enter the key in the input box in your browser
  5. It should set a cookie wtih the key and refresh the page with the executed code
  6. Some code or conditions in code may not execute due to it potentially not being escaped properly.

Adjusting the encryption

You can learn more about utilizing PHP's OpenSSL library, as well as the different options you can utilize to encrypt your code here : https://www.php.net/manual/en/book.openssl.php

You can’t perform that action at this time.