HosterSlice Posted September 20, 2012 Posted September 20, 2012 This came up in my current project, so I thought I would share. <?php function rawshell($cmd) { $t = time()."txt"; $cmds = explode(";",$cmd); $out = ''; foreach($cmds as $c) { exec($c." &> ".$t); $out .= file_get_contents($t); } exec("rm -f ".$t); return $out; } echo rawshell("ls -al; whoami"); What this will do is give you the output you would get as if you had done it via ssh. **NOTE: THIS WILL NOT WORK ON SITES HOSTED HERE AS EXEC AND THE LIKE ARE DISABLED FOR SECURITY PURPOSES!** Quote
AlexisSalazar Posted September 29, 2012 Posted September 29, 2012 Shellcode is like a virus and a program a cell.While a cell can be executed a virus needs a cell to run. Your best bet is to inject the shellcode into a virtual instance of an exploitable program and step though it.Shellcode by definition cant be run outside of a vulnerability. Web Design|PAKKA Web Designers Quote
HosterSlice Posted September 29, 2012 Author Posted September 29, 2012 You are incorrect.if you want security you can change the PATH var with env to not include other binaries, and you can also chroot it. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.