Skip to content
/ pload Public

Convenient way to bypass PHP disabled functions with LD_PRELOAD to create gsocket connection

License

GPL-3.0 license
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Cvar1984/pload

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
encode_bytes.php
encode_bytes.php
 
 
exploit.php
exploit.php
 
 
preload.c
preload.c
 
 

Repository files navigation

Pload

PHP LD_PRELOAD Payload. A tool to bypass disable_functions.

How it works

PHP in Linux calls a binary (sendmail) when the mail() function is executed. If we have putenv() allowed, we can set the environment variable "LD_PRELOAD", so we can preload an arbitrary shared object. Our shared object will execute our custom payload (a binary or a bash script) without the PHP restrictions, so we can have a reverse shell, for example.

how to do it

run exploit.php and connect using gsocket client

About

Convenient way to bypass PHP disabled functions with LD_PRELOAD to create gsocket connection

Topics

linux ldpreload bypass hacktoberfest php-exploit gsocket bypass-disable-function

Resources

Readme

License

GPL-3.0 license
Activity

Stars

7 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

V1.0 Latest
Aug 9, 2024

Packages

No packages published

Contributors 2

  •  
  •  

Languages