New source will be available soon.
Python PHP
Latest commit 06fcce8 Jan 14, 2017 @z0noxz committed on GitHub Create simple-shell.php
Failed to load latest commit information.

Moved to


PHP Command Injection exploitation tool

  1. Exploit web page and upload simple-shell.php (or simply find an existing exploitable command injection).
  2. Execute the controller to exploit the command injection vulnerability. The controller is simply a command injection exploitation tool, and can therefore with a few adjustments be rewritten to exploit allready existing vulnerabilities without the need for uploading the 'simple-shell.php'.

Featuers (so far)

  1. File upload
  2. File download
  3. Normal terminal commands (excluding prompts e.g. password)
  4. Meterpreter reverse shell injection


You shall not misuse this tool to gain unauthorized access. This tool should only be used to expand knowledge, and not for causing malicious or damaging attacks. Performing any attacks without written permission from the owner of the system is illegal.