Skip to content
/ php-sh Public

A simple PHP shell designed for injection into insecure web pages

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

atx2600/php-sh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
php_repl-0-0-3.php
php_repl-0-0-3.php
 
 
php_repl-0-0-4.php
php_repl-0-0-4.php
 
 

Repository files navigation

php-shell

A favorite exploit for the ATX2600 CTFs seems to be uploading PHP code to vulnerable webservers and thus establishing a remote shell via php's shell_exec() function. Writing a working inject page is trivial, but this is not mere working page. This aims to be a cute one.

php-shell aims to add a working directory (so that the CD command works), arrow key accessible history and maybe even VT100 colors / tab completion.

Current State

As of right now, a trivial page is active as 0-0-3.php. A better jquery based page is in the works as 0-0-4.php, which attempts to remove the "reload on command" behavior of the naive page.

About

A simple PHP shell designed for injection into insecure web pages

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published