Linux somehost 2.6.19-gentoo-r5 #1 SMP PREEMPT Sun Apr 1 16:49: x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ AuthenticAMD GNU/Linuxġ6:59:28 up 39 days, 19:54, 2 users, load average: 0.18, 0.13, 0. USAGE : change the IP and port in the windows-php-reverse-shell.php file upload, set up an listener in you machine, access the windows-php-reverse-shell.php file on the server. ![]() Some useful commans such as w, uname -a, id and pwd are run automatically for you:Ĭonnect to from (UNKNOWN) 58012 Reverse Shells At a Glance After the exploitation of a remote code. If all went well, the web server should have thrown back a shell to your netcat listener. Run the script simply by browsing to the newly uploaded file in your web browser (NB: You won’t see any output on the web page, it’ll just hang if successful): port 1234 // CHANGE THIS Get Ready to catch the reverse shell Start a TCP listener on a host and port that will be accessible by the web server. Using whatever vulnerability you’ve discovered in the website, upload php-reverse-shell.php. ![]() Use the same port here as you specified in the script (1234 in this example): Start a TCP listener on a host and port that will be accessible by the web server. Edit the following lines of php-reverse-shell.php: ![]() To prevent someone else from abusing your backdoor – a nightmare scenario while pentesting – you need to modify the source code to indicate where you want the reverse shell thrown back to. A PHP Reverse_shell Payload - use it at your own risk! This isn't made by me, it's made by pentestmonkey!
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |