cfreal
commented
3 years ago This is a good starting point: https://github.com/dfyz/ctf-writeups/blob/master/hxp-2020/resonator/fake_ftp.py
Basically it does the file_put_contents() part, you just need to implement the file_get_contents(), which is almost the same.
choket
Hello!
In the article https://www.ambionics.io/blog/laravel-debug-rce you write to the PHP-FPM port using an "evil" ftp server and passive mode. Is there a publicly available implementation of such a server? I looked around but didn't find an ftp server that allowed me out-of-the-box to specify an arbitrary IP and port to write to when connecting via passive mode.