Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nil0x42/phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
https://github.com/nil0x42/phpsploit
advanced-persistent-threat backdoor blackhat c2 command-and-control hacking hacking-framework hacktool persistence php-backdoor php-webshell php-webshell-backdoor post-exploitation privilege-escalation redteam stealth web-hacking webshell
Last synced: 6 days ago
JSON representation
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
- Host: GitHub
- URL: https://github.com/nil0x42/phpsploit
- Owner: nil0x42
- License: gpl-3.0
- Created: 2014-05-21T19:43:03.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2024-05-06T13:49:14.000Z (7 months ago)
- Last Synced: 2024-11-29T13:06:20.313Z (13 days ago)
- Topics: advanced-persistent-threat, backdoor, blackhat, c2, command-and-control, hacking, hacking-framework, hacktool, persistence, php-backdoor, php-webshell, php-webshell-backdoor, post-exploitation, privilege-escalation, redteam, stealth, web-hacking, webshell
- Language: Python
- Homepage:
- Size: 3.31 MB
- Stars: 2,227
- Watchers: 104
- Forks: 442
- Open Issues: 27
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-starz - nil0x42/phpsploit - Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor (Python)
- awesome-hacking-lists - nil0x42/phpsploit - Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor (Python)
README
Full-featured C2 framework which silently persists on
webserver via polymorphic PHP oneliner
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#### Overview
The obfuscated communication is accomplished using HTTP headers under
standard client requests and web server's relative responses, tunneled
through a tiny **polymorphic backdoor**:```php
```
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#### Quick Start
```sh
git clone https://github.com/nil0x42/phpsploit
cd phpsploit/
pip3 install -r requirements.txt
./phpsploit --interactive --eval "help help"
```* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#### Features
- **Efficient**: More than 20 plugins to automate privilege-escalation tasks
- Run commands and browse filesystem, bypassing PHP security restrictions
- Upload/Download files between client and target
- Edit remote files through local text editor
- Run SQL console on target system
- Spawn reverse TCP shells- **Stealth**: The framework is made by paranoids, for paranoids
- Nearly invisible by log analysis and NIDS signature detection
- Safe-mode and common _PHP security restrictions bypass_
- Communications are hidden in HTTP Headers
- Loaded payloads are obfuscated to _bypass NIDS_
- http/https/socks4/socks5 **Proxy support**- **Convenient**: A robust interface with many crucial features
- Detailed help for any option (`help` command)
- _Cross-platform_ on both client and server.
- CLI supports auto-completion & multi-command
- Session saving/loading feature & persistent history
- Multi-request support for large payloads (such as uploads)
- Provides a powerful, highly configurable settings engine
- Each setting, such as user-agent has a _polymorphic mode_
- Customisable environment variables for plugin interaction
- Provides a complete plugin development API* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#### Supported platforms (as attacker):
- GNU/Linux
- Mac OS X#### Supported platforms (as target):
- GNU/Linux
- BSD-like
- Mac OS X
- Windows NT## Contributors
Thanks goes to these wonderful people:
nil0x42
💻 🚇 🔌 ⚠️
shiney-wh
💻 🔌
Wannes Rombouts
💻 🚧
Amine Ben Asker
💻 🚧
jose nazario
📖 🐛
Sujit Ghosal
📝
Zerdoumi
🐛
tristandostaler
🐛
Rohan Tarai
🐛
Jonas Lejon
📝
This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome