Hello friends,
after getting the knowledge about a php-reverse-shell on WordPress, I tried it out in a real scenario, namely on my own website. I put the php-reverse-shell in the 404.php file of an activated theme, but unfortunately I didn’t get a reverse shell. It works in the labs, why didn’t it work in the real scenario?
Is it because my website is hosted by a provider and their firewall recognizes the reverse shell or does not allow it to connect to my open netcat port? By the way: Did I maybe do something illegal? I wasn’t aware of it beforehand as I thought this was my website. Afterwards I realized that I am not the owner of the server of the website provider.
Many Thanks.
PS: All necessary parameters have been checked several times, all values are correct. I use a VPN