phpsploit icon indicating copy to clipboard operation
phpsploit copied to clipboard
verified publisher icon nil0x42

Connect to target issue

Open Jadmintor opened this issue 3 years ago • 5 comments

im sure for adding backdoor command to php, if i test using my own website this is work perfectly, but if i test to another web using same file php this is not connect to my phpsploit, please help

Jadmintor avatar Dec 19 '22 10:12 Jadmintor

It will be hard to help without further information.

Keep in mind that your PASSKEY setting in phpsploit much be identical to the one in the php backdoor.

But other things might explain why it doesn't work:

Maybe non-standard headers are stripped by a proxy between you and your target. If soi, try tweaking settings. For example:

set REQ_DEFAULT_METHOD POST

You can also try setting PASSKEY to a standard header that's not widely used but still kind of 'official', such as VIA, X_FORWARDED_FOR, or VARY. That way, you increase the chance for the hypothetical proxy to not strip your header

nil0x42 avatar Dec 19 '22 12:12 nil0x42

Obviously, in phpsploit you must use set TARGET hxxp://TARGET/path/to/backdoor.php, and then exploit to connect to your new target.

nil0x42 avatar Dec 19 '22 12:12 nil0x42

im sure for adding backdoor command to php, if i test using my own website this is work perfectly, but if i test to another web using same file php this is not connect to my phpsploit, please help

You should check in the new target disabled functions php

Nader-abdi avatar Aug 06 '23 09:08 Nader-abdi

@Nader-abdi it yould be a problem. Initially i wrote phpsploit to use only functions that are almost never disabled during the connection step.

If some functions i use on connection step tend to become disabled on some sites, it might be worth investigating, in order to update the connector.

Please tell me if you have information regarding this.

nil0x42 avatar Aug 12 '23 12:08 nil0x42

@Nader-abdi it yould be a problem. Initially i wrote phpsploit to use only functions that are almost never disabled during the connection step.

If some functions i use on connection step tend to become disabled on some sites, it might be worth investigating, in order to update the connector.

Please tell me if you have information regarding this.

Yes I saw several problems when connecting , some target disabled this function ini_get_all() and ini_set() when they modified the cream the problem was solved

Nader-abdi avatar Aug 12 '23 13:08 Nader-abdi