Lab9.1 PHP Shells - adamcunningham9990/SEC335-Journal GitHub Wiki
PHP Shells
PHP Scripts can be used to execute commands onto web servers
Tips / Issues
All PHP scripts must open with <?php
and close with ?>
system()
will execute the code on the server found within the ()
You can use $_GET['test']
in order to pass parameters from a web URL. In this case if the script was named hello.php, the URL syntax would be: http://127.0.0.1/hello.php?test=hi
. In that specific case, hi would be stored as the variable.
Remember to put ; at the end of each line!
WHEN PASSING VARIABLES, REMEMBER ENCODING (%20 is space!)
Use system(echo test)
in order to test that the code is being run correctly.
You can use base64_encode()
or str_rot13()
to try and bypass IDS/IPS systems, just remember to update the parameters that are passed in accordingly.