php-reverse-shell.php issue

edited June 4 in Machines
Hi all, I'm trying to run a reverse shell from one of the machines. After uploading php-reverse-shell.php to the target, I'm getting an error message 'Failed to daemonize'. What do I need to do in order to fix this and gain the reverse shell?

Thanks

Pilgrim23

Comments

  • It's probably just because it doesn't find pcntl_fork. Your error message also probably says "this is not fatal", meaning it should work even if it can't daemonize, so your problem is likely elsewhere.

    mogyub

  • edited June 4

    I had this same issue. It means your pc isn't listening on the port.

    You want to issue this command on your machine

    nc -lnvp 'whatever port you set in reverse shell'

    e.g. nc -lnvp 1234

    phase

  • Hmm, I typed nc -lvp 1234 and that didn't work. Configured the reverse shell PHP script with the correct IP address too (i.e. the IP of the Kali Linux box).

  • Hmmm, not too sure then. If the IP and port are correct, pointing back to your HTB VPN IP, it should work.

    phase

  • edited June 4

    @Phase said:

    > I had this same issue. It means your pc isn't listening on the port.
    >
    > You want to issue this command on your machine
    >
    > nc -lnvp 'whatever port you set in reverse shell'
    >
    > e.g. nc -lnvp 1234

    That's not what it means. Assuming you're using the most common script...

    // pcntl_fork is hardly ever available, but will allow us to daemonise
    // our php process and avoid zombies.  Worth a try...
    if (function_exists('pcntl_fork')) {
        // Fork and have the parent process exit
        $pid = pcntl_fork();
    
        if ($pid == -1) {
            printit("ERROR: Can't fork");
            exit(1);
        }
    
        if ($pid) {
            exit(0);  // Parent exits
        }
        // Make the current process a session leader
        // Will only succeed if we forked
        if (posix_setsid() == -1) {
            printit("Error: Can't setsid()");
            exit(1);
        }
        $daemon = 1;
    } else {
        printit("WARNING: Failed to daemonise.  This is quite common and not fatal.");
    }
    

    Additionally from the Pentestmonkey website...

    "Isn’t the shell connection just going to be severed when the web server times out the PHP script?
    No. It doesn’t seem to on the systems that I’ve tested it on (Gentoo Linux only so far). Additionally the PHP script attempts to daemonise itself and dissociate from the parent process to avoid this (though it rarely works in practise). Your browser will appear to hang when you access the reverse shell. This is normal. It’s OK to hit cancel in your browser once you’ve got your shell."

    mogyub

  • But the shell doesn't appear.