Single-file shell to f__k vulnerable PHP servers, solely for educational and research purposes. Powered by Bootstrap and React.js, features a file browser and web based, SSH like terminal.
Caution: This file if publicly accessible, is a total security risk. Do not upload or use it in a production environment.
You can get the latest phuck.dist.php from the releases section.
Make sure to have PHP, Composer, Node.js and Yarn installed on your workstation.
Firstly, dump the autoloader and install JavaScript dependencies using below command:
# generate auto loader
composer dump-autoload
# install JS dependencies
yarn installThen start the PHP built-in development server in project directory.
php -S localhost:8080Now run the Parcel development server:
RPC_URL=http://localhost:8080/phuck.dev.php npx parcel src/index.htmlTo create your own bundled version after any changes, run below commands:
# build frontend assets
npx parcel build src/index.html
# combine frontend and server code
php bundle.phpYou should now have a phuck.dist.php in the project root.
See LICENSE file.