phpsploit

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Results 33 phpsploit issues

Current implementation of `proclist` plugin uses `win32_ps_list_procs()` PHP function on Windows host. Therefore, Linux implementation is a simple `system("ps -a")`, which is OPSEC unsafe, and would probably trigger EDR alerts....

to be documented
stealth
good first issue

If two or more phpsploit instances are run with the same session file, the framework should advise user before overriding the session with `session save`, in case where the session...

bug

Sorry if I missed something, but I couldn't find documentation on how to use plugins

to be documented
documentation

I keep getting an error when I tried using UPLOAD syntax -] HTTP Error 400: Bad Request [-] upload: Python runtime error (exception occured): [!] Request Error: Communication with the server...

to be documented
user experience

Travis-ci is able to check OSX operating system, phpsploit should be compatible with it and run tests correctly. Need to add them on Travis's matrix

enhancement
integration

Probably due to a recent/unexpected regression, the `session load` command seems to work if executed from a *connected* remote shell. This must be fixed ASAP, and a nonreg unit-test must...

bug

Why so many commands that cannot be executed? Like 'git' for example. I can't use git in phpsploit, but I can use it with WebConsole. Why? Is phpsploit used to...

enhancement
to be documented
user experience

As phpsploit coding convention now allows use of any PHP function from versions

enhancement

When navigating a remote system it is useful to be aware of symlinks and paths. Otherwise sometimes you get stuck moving around in circles without noticing for a while. Maybe...

enhancement

I was thinking that it would be interesting if the script had a database and when we register targets it stored them in it. Then we can list the targets...

wontfix
to be documented