GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → flozz → P0wny Shell

flozz / P0wny Shell

Licence: wtfpl
Single-file PHP shell

Labels

pentesting

Projects that are alternatives of or similar to P0wny Shell

Awesome Oscp
A curated list of awesome OSCP resources
Stars: ✭ 804 (-15.28%)
Mutual labels:  pentesting
Pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (-4.74%)
Mutual labels:  pentesting
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (-8.32%)
Mutual labels:  pentesting
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (-14.23%)
Mutual labels:  pentesting
Security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (-12.01%)
Mutual labels:  pentesting
Cve 2016 8610 Poc
CVE-2016-8610 (SSL Death Alert) PoC
Stars: ✭ 26 (-97.26%)
Mutual labels:  pentesting
Privesc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-17.18%)
Mutual labels:  pentesting
Gogitdumper
Dump exposed HTTP .git fast
Stars: ✭ 27 (-97.15%)
Mutual labels:  pentesting
Finalrecon
The Last Web Recon Tool You'll Need
Stars: ✭ 888 (-6.43%)
Mutual labels:  pentesting
Kubernetes Goat
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (-8.54%)
Mutual labels:  pentesting
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+860.59%)
Mutual labels:  pentesting
Hashtopolis
A Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (-12.01%)
Mutual labels:  pentesting
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (-10.75%)
Mutual labels:  pentesting
Sprayingtoolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-15.49%)
Mutual labels:  pentesting
Scanless
online port scan scraper
Stars: ✭ 875 (-7.8%)
Mutual labels:  pentesting
Goscan
Interactive Network Scanner
Stars: ✭ 795 (-16.23%)
Mutual labels:  pentesting
Commoncrawlparser
Simple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-97.37%)
Mutual labels:  pentesting
Outsmarting Smart Contracts
A repo with information about security of Ethereum Smart Contracts
Stars: ✭ 29 (-96.94%)
Mutual labels:  pentesting
Babysploit
👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (-6.95%)
Mutual labels:  pentesting
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-9.48%)
Mutual labels:  pentesting
View All Similar Projects ➔

[email protected]:~# -- Single-file PHP Shell

[email protected]:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.

Features:

  • Command history (using arrow keys )
  • Auto-completion of command and file names (using Tab key)
  • Navigate on the remote file-system (using cd command)
  • Upload a file to the server (using upload <destination_file_name> command)
  • Download a file from the server (using download <file_name> command)

WARNING: THIS SCRIPT IS A SECURITY HOLE. DO NOT UPLOAD IT ON A SERVER UNTIL YOU KNOW WHAT YOU ARE DOING!

Screenshot

Demo with Docker:

    docker build -t p0wny .
    docker run -it -p 8080:80 -d p0wny
    # open with your browser http://127.0.0.1:8080/shell.php

Changelog

  • 2021-01-24:
    • Style improvements:
    • Ergonomic improvements:
      • Focus the command field when clicking the page (@nakamuraos)
      • Put the cursor at the end of the command field while navigating the history (@nakamuraos)
  • 2019-06-07: Adds the clear command to clear the terminal (@izharaazmi #12)
  • 2018-12-15: File upload and download feature (@Oshawk #5)
  • 2018-06-01:
    • Auto-completion of command and file names (@lo001 #2)
    • Adaptation to mobile devices (responsive) (@lo001 #2)
    • Improved handling of stderr (@lo001 #2)
  • 2018-05-30:
    • ES5 compatibility (@lo00l #1)
    • Dependency to JQuery removed (@lo00l #1)
    • Command history using arrow keys (@lo00l #1)
    • Keep the command field focused when pressing the tab key
  • 2017-10-30: CSS: invalid color fixed
  • 2016-11-10: Initial release
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].