Hello Everyone,
I got the same problems I tried to go through everything and I made it in the end 
, so this will help you troubelshoot the issue and try everything :
-
Before uploading php-reverse-shell.php to the targe, first of all modify the IP address and put the one that was assigned to you through your connection to the Hackthebox network it start with 10.10.14. and you can find it using either “ifconfig” or "ip a " command. About the port number you can change the port or leave it as it is, i.e. “1234”, but for best practice let’s change it and to “33456” instead
-
Now you modified the file, you uploaded to the web server and you got that message on the web broser that your file is uploaded. CONGRATS !! here’s the critical part :
-
first of all run the nc command “nc -lvnp 33456” and before run it check that the firewall is disabled using the command “ufw status”
-
Now you’re listening on the port 33456 and you’re waiting for the machine to reverse connect you , you invoke the event by running the curl command (make sure that your filename is right)
-
normally in this case you should see on the terminal where you executed the “nc” command that you get a little $ to run your command and that the connection is established
There’s something I still not understand, i.e. : if I stay inactive in the connection I established the connection on the port closes (which is normal) but when I try to execute the curl command I got a 404 which specify that the file is removed so I need to go through the process again and upload the file and… , I think that when the php script is terminated it deletes itself automatically which is a good cybersecurity best practice to not leave a print in the attacked machine.
Best Regards,
Salah,