Php Shell

Articles Metasploit Framework Windows Tutorial Remote Desktop Connection Windows Processes That May Be Dangerous How-To use NetCat a Tutorial Common Linux Commands Common Ports Netcat Commands HTTP Response Codes War-Google Hack Terms Wardriving Avoiding Social Engineering and Phishing Attacks Intrusion Detection on Linux Linux Intrusion Detection Penetration Testing Guide Penetration Testing Tools Social Engineering Fundamentals, Part I: Hacker Tactics Social engineering (computer security) The Psychology of Social Engineering The Archives General GSO GovernmentSecurity.org News & Suggestions In The News Open Topic General Security Information Trash Can Exploit & Vulnerability Mailing List Archives Trial Member Forum Product and Program Reviews GSO Tutorials System Security Windows Systems Beginners Section Linux & Unix Systems File Downloads Exploit Research & Discussion Trojan & Virus Errata Networking Security / Firewall / IDS / VPN / Routers System Hardening E-Mail Security Wifi Security Trial Member Uploads Upload discovered Trojans & Mal ware GSO Programming Section C , C++ , VC++ Visual Basic .NET Perl /CGI Java/Javascript PHP/XML/ASP/HTML Assembly + Other The Cork Board Network Security Consultant Directory Network Security Jobs The Archives Encryption Information General Network Security Internet Anonymity HTTP Protocol Security Linux Security MS IIS Information Exploit Articles Programming / Tool Design GSO Software Projects Public Downloads Microsoft Security Questions and Papers		Help - Search - Member List - Calendar Full Version: Php Shell GovernmentSecurity.org > System Security > Trial Member Uploads M3X!C4N Aug 1 2005, 02:42 PM Heres a simple php shell I made, I'm going to add more features on my next release. Just read the README before you use it. satknis Aug 1 2005, 04:30 PM hmm i don't know why you made a script for this simple php command but this is well known and used in many scripts. and all hosting companys wich know a little bit about security runs their apache software in safemode, so it isn't possible to execute commands with this. just my 2 cents linux_dude Aug 1 2005, 05:02 PM You should have just linked to the php manual pages on this, they have plenty of example coding and explanations on safeguarding against malicious use: Click Me M3X!C4N Aug 1 2005, 05:29 PM QUOTE hmm i don't know why you made a script for this simple php command but this is well known and used in many scripts. and all hosting companys wich know a little bit about security runs their apache software in safemode, so it isn't possible to execute commands with this. Hmm well have you actually tried using any kind of script like this? You can still run commands on the server even if apache is running as nobody or apache, 5 out of 10 times if you find a way to upload it to someones website it will be running as the user who owns that website, so that means you can make changes to whatever files that are in that users home directory, as long as they belong to the user. You can also use this and download a perl script that runs a shell on some port,which would be easier for you to find a local exploit that you could use. linux_dude Aug 1 2005, 05:52 PM Wow, stop pushing how good your script kiddie skills are and read what he wrote. When you run PHP in safemode, you can't use your php script, at all sevenvirtues Aug 1 2005, 09:21 PM tried using Myshell? MyShell (PHP script) -execute arbiritary shell-commands -browse the filesystem on your remote webserver. -replaces normal telnet-connection. -You can use it for file transfer -administration and maintenance -includes a built-in password protection system -built-in file editor to allow you to edit and create files 'Similar' tool: -cgitelnet ***** you can use these tools as reference for your future projects. M3X!C4N Aug 1 2005, 09:34 PM Ok I misread what satknis said. I do not consider myself a "uber 1337 skiddie" I was just trying to explain that its not worthless and you can use it. Yes there are things much better than this but mabe n00bs can learn from it. boshcash Aug 4 2005, 09:11 PM yea but now the idea is not how 1337 the tool is , the idea is the ability to execute commands using more than one php function and also if safe mode is enabled u wont be able to execute anything :\ This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here. Invision Power Board © 2001-2005 Invision Power Services, Inc.