phpbash is a fairly simple script I wrote to help with many of the lab machines. It is a php and javascript-based full-screen shell, which uses the Kali terminal colors in the design. It does not yet work with interactive commands, but it is much more user friendly than dropping a file with <?php echo system($_GET['cmd']); ?>
on a target and running commands one at a time. It is especially useful for gaining access to machines that prevent typical reverse shells from running.
awesome
Beautiful piece of work @Arrexel
Would be pure awesomeness if you added support for command history with up/down arrows and tab-completion!
@eks said:
Beautiful piece of work @Arrexel
Would be pure awesomeness if you added support for command history with up/down arrows and tab-completion!
I second this statement.
Awesome work in the meantime though. Thanks for the contribution!
@eks said:
Beautiful piece of work @Arrexel
Would be pure awesomeness if you added support for command history with up/down arrows and tab-completion!
It’s already on the to-do list might add it tonight if I have time
Added
Why doesnt nc/netcat work in phpbash? Or should it?
@shiva108 said:
Why doesnt nc/netcat work in phpbash? Or should it?
It seems to work for me.
Maybe its the netcat from openbsd package without the -e option (you will find ways around it) or your target has firewall rules to prevent a reverse / bind shell.
Awesome work Arrexel!
this is great. Thanks
Awesome!
Thanks
Just added an upload
command (which opens the file selection dialog).
phpbash now properly escapes console output, so cat
’ing html/php files no longer causes code execution.
Further improved directory navigation. cd -
now goes to previous directory, and cd
with no arguments goes to the default shell directory.
Wow @Arrexel, this script is awesome!! Very nicely written code. I enjoyed reading
Awesome sauce good sir!
Awesome tool! Especially with the new update. Definitely beats changing a GET variable everytime I want to run a new command.
By the way, did you make Bashed just to advertise this?
@berninator said:
Awesome tool! Especially with the new update. Definitely beats changing a GET variable everytime I want to run a new command.By the way, did you make Bashed just to advertise this?
Nope! We needed an easy box so I threw it together fairly quickly, as there were only hard/insane submissions in the queue at the time. I actually got the idea for bashed because I forgot a copy on my development server lol.
@Arrexel said:
Nope! We needed an easy box so I threw it together fairly quickly, as there were only hard/insane submissions in the queue at the time. I actually got the idea for bashed because I forgot a copy on my development server lol.
Haha at least it wasn’t a production server. Then again, I could imagine something like that happening in the real world.
And we definitely need a some more easy boxes. Everyone wants to be the one to show off their super niche stego or enumeration technique on their boxes. But I’m sure our newer members would appreciate some more straight forward challenges.
@berninator said:
@Arrexel said:
Nope! We needed an easy box so I threw it together fairly quickly, as there were only hard/insane submissions in the queue at the time. I actually got the idea for bashed because I forgot a copy on my development server lol.Haha at least it wasn’t a production server. Then again, I could imagine something like that happening in the real world.
And we definitely need a some more easy boxes. Everyone wants to be the one to show off their super niche stego or enumeration technique on their boxes. But I’m sure our newer members would appreciate some more straight forward challenges.
Yes please!
Actually a great idea for a script. I was thinking today about thinking is it possible to script a console/shell that you can embed in a website.
Yea, it is a cool idea and phpbash is a nice implementation of this idea. Similar shells are available for other technologies too, for example I used this for one Windows machine here: webshell/cmd.aspx at master · tennc/webshell · GitHub
These can be quite handy.
And I agree that this is a nice “vulnerability” on a beginner machine. Easy way to get started when you have no idea what you are doing.
Works really nice man. It chews up long commands just fine. Great work!
I haven’t really looked into the sourcecode too deep, but you may have a quick answer to it:
There are two things I’m wondering about. Here’s two usecases, just type the commands in the shell:
** 2> /dev/null **
find / -iname whatever 2> /dev/null
Note the ‘2> /dev/null’ got lost along the way. Which makes using a find function a bit harder, having to pipe it into grep
** small ease of use **
I guess it would be handy if a key is pressed, the cursor/output goes to the inputbox, not the output screen.
–
small odd thing, but doesn’t matter too much, it’s just a bit unexpected:
test=“some”
echo $test
Note it doesn’t output anything. You have any idea why that wouldn’t work?
–
Anyway, these are not intended as feature requests, unless you see value in them yourself. I might add them myself one day if you’d rather not.
The shell is really helpful as it is. Thank you for the work and for sharing it with us.