public/smplshllctrlr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5 Commits 1 Branch 0 Tags
06fcce84e58e67c8773f1d5f43304b2c5af0708a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
z0noxz 06fcce84e5 Create simple-shell.php
2017-01-14 13:44:36 +01:00
README.md
Update README.md
2017-01-12 23:07:07 +01:00
simple-shell-controller.py
Create simple-shell-controller.py
2017-01-14 13:44:17 +01:00
simple-shell.php
Create simple-shell.php
2017-01-14 13:44:36 +01:00

README.md

Moved to https://github.com/z0noxz/mando.me

smplshllctrlr

PHP Command Injection exploitation tool

  1. Exploit web page and upload simple-shell.php (or simply find an existing exploitable command injection).
  2. Execute the controller to exploit the command injection vulnerability. The controller is simply a command injection exploitation tool, and can therefore with a few adjustments be rewritten to exploit allready existing vulnerabilities without the need for uploading the 'simple-shell.php'.

Featuers (so far)

  1. File upload
  2. File download
  3. Normal terminal commands (excluding prompts e.g. password)
  4. Meterpreter reverse shell injection

DISCLAIMER:

You shall not misuse this tool to gain unauthorized access. This tool should only be used to expand knowledge, and not for causing malicious or damaging attacks. Performing any attacks without written permission from the owner of the system is illegal.

Reference in New Issue View Git Blame Copy Permalink
Description
New source will be available soon.
Readme 36 KiB
Languages
Python 99.8%
PHP 0.2%