首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全工具>后门程序>软件详细
软件名称:  PhpShell.php
文件类型:  
界面语言:  简体中文
软件类型:  国产软件
运行环境:  Linux
授权方式:  共享软件
软件大小:  6K
软件等级:  ★★★★☆
发布时间:  2004-05-28
官方网址: http://www.gimpster.com/wiki/P 作者:0t0
演示网址:
软件说明:  
README for PhpShell 2.0
Copyright (C) 2000-2004 Martin Geisler <gimpster@gimpster.com>
Licensed under the GNU GPL.  See the file COPYING for details.

What is PhpShell?
------------------
PhpShell is a shell wrapped in a PHP script.  It's a tool you can use
to execute arbitrary shell-commands or browse the filesystem on your
remote webserver.  This replaces, to a degree, a normal
telnet-connection.  You can use it for transferring your site as a
compressed file, and then unpack it on the webserver, administration
and maintenance of your website using commands like ps, free, du, df
etc...


Limitations
-----------
There are some limitations on what kind of programs you can run.  It
won't do no good if you start something like Netscape or even vi.  All
programs have to be strictly command-line programs, and they will have
no chance of getting user input after they have been lunched.  They
probably also have to terminate within 30 seconds, as this is the
default time-limit imposed unto all PHP scripts, to prevent them from
running in an infinite loop.  Your ISP may have set this time-limit to
something else.

But you can rely on all the normal shell-functionality, like pipes,
output and input redirection, etc...  (There is no <tab>-completion,
though :-)


Safe Mode
---------
If PHP is running in Safe Mode, then you cannot use PhpShell ---
sorry.  Safe Mode restricts the commands that can be executed using
the shell_exec() call in PHP, and it also restricts the files and
directories that can be accessed using other calls in PHP.

The effect is, that PhpShell simply doesn't work --- you cannot
change directory and you cannot execute any commands.

Safe Mode is often used on servers that host several websites for
different users to limit the users ability to peek at each others
files.


Who am I?
---------
(Well, my name is Martin, but that's not the point :-)

You may not be the same user when using PhpShell, as you are when you
upload your files with ftp.  On some systems you will be 'nobody', on
other systems you will become 'httpd' or 'www-data'.  This is a rather
dangerous "feature" of PhpShell! So use it at your own risk and
remember to choose a good password as described in the INSTALL file.

If you want to execute code as different user, then it's possible to
do so by using the Sudo program available from this address:

  http://www.courtesan.com/sudo/

The trick is to configure Sudo to allow the user running the webserver
to execute certain commands as a more privileged user.  Please refer
to the documentation for Sudo for further information about doing
this.


How to Use It
-------------
When you point your browser at PhpShell and types in your password
(see the file INSTALL for more information on how to change the
password), you'll be presented with a rather simple page containing
nothing much except a big window with the cursor blinking at the
bottom, signaling that it's ready to obey your commands.

Write a command and press RET --- or alternatively, press the 'Execute
Command' button if you insist.  The command will be executed and the
result will be shows in the terminal.  You can now enter another
command.

To be more precise: the terminal is updated with the command line you
have just executed, the output of the command to standard out (stdout)
and following that any error output sent to stderr.

The commands are executed relative to a current working directory,
which is written at the top.  You change this by the normal 'cd'
command.


Download
--------
You can download PhpShell from http://www.gimpster.com/wiki/PhpShell.
The tarball/zipfile contains these files:

phpshell.php
  This is the script you run when you use PhpShell.

ChangeLog
  This file describe the changes I've made to PhpShell.  By reading
  it you'll always know when I've added a new feature or made a
  bugfix, and the nature of the feature/bugfix.

README
  This file :-)

INSTALL
  Tells you how to install PhpShell.  Amoung other things, it
  explains how to change the password protection so that you can use
  PhpShell.

  Remember that it's very important to have PhpShell password
  protected, or else everybody will be able so snoop into your files
  and perhaps also be able to delete them!  I've already seen one site
  that were using PhpShell without password-protection --- I was able
  so quickly find their config.inc.php file from phpMyAdmin, and read
  the password to the database!  So please take the time to protect
  PhpShell.

COPYING
  Standard GNU disclaimer
下载地址: 进入下载地址列表
下载说明: ☉推荐使用网际快车下载本站软件,使用 WinRAR v3.10 以上版本解压本站软件。
☉如果这个软件总是不能下载的请点击报告错误,谢谢合作!!
☉下载本站资源,如果服务器暂不能下载请过一段时间重试!
☉如果遇到什么问题,请到本站论坛去咨寻,我们将在那里提供更多 、更好的资源!
☉本站提供的一些商业软件是供学习研究之用,如用于商业用途,请购买正版。
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热门软件
·ASP+PHP两用Shell.rar
·T00ls Lpk Sethc 首创lpk劫持方
·pam_backdoor.tar.gz
·bits.dll
·ASPXspy 2.0
·eeyebootroot.zip
·aspxspy.rar
·新型.net一句话webshell及客户端
·NetCat_New_fixed_version.rar
·rknt.zip
·ZXshell2.0.rar
·Mysql BackDoorDoor
  相关软件
·HELL-DOOR DROPPER
·Poly Server 1.0b
·php_files_thief.rar
·icyfox007v1.10.rar
·saphpshell.rar
·MirLegend
·MDir.vbs
·Flux v0.90a
·Recub.zip 后门(远程管理)程序
·rknt.zip
·cmdbind2及其原码
·ZXshell2.0.rar
 
  推荐广告
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved