Archive for October 9th, 2008
PHP Shell
PHP Shell is a shell wrapped in a PHP script. It’s a tool that gives you a convenient interface to execute arbitrary shell commands or browse the filesystem on your remote web server. This replaces, to a degree, a normal telnet connection, and to a lesser degree an SSH connection. Use it for administration and maintenance of your web site using commands like ps, cat, gunzip, and more. Please use the facilities at SourceForge, the world’s largest development and download repository of Open Source code and applications, to obtain help on PHP Shell. The latest version of PHP Shell is 2.1 from December 27, 2005.
-=-
-=-
PHP Shell just gives you a convenient interface to the normal PHP commands for executing programs. There’s no magic going on here. This applies to everybody: go read the PHP documentation on “proc_open” if you’re in doubt as to what PHP Shell gives you.
-=-
-=-
To run PHP Shell via a URL you simply have to pass a command via the command GET argument. Remember that you have to encode it yourself like the PHP urlencode() function would do: replace spaces with + and other non-alphanumeric characters with their hexadecimal representation.
Then something like this should work:
http://example.com/phpshell.php?command=chmod+a%2Bx+somescript
where the spaces have been encoded as + and the + itself is encoded as %2B.
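From the defender's side, the same decoding can be run over web server access logs to surface requests that pass a command this way. The following is an added example, not part of PHP Shell or the original post; the combined log format, the .php path filter and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache/nginx "combined" log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumption: the parameter name "command" comes from the page's example URL;
# renamed copies of the script may use a different name.
PARAM = "command"


def find_command_requests(lines, param=PARAM):
    """Return one dict per logged request to a .php script that carries `param`."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(".php"):
            continue
        # parse_qs reverses urlencode(): "+" -> space, "%2B" -> "+".
        values = parse_qs(url.query, keep_blank_values=True).get(param)
        if not values:
            continue
        hits.append({
            "client": m["client"],
            "time": m["time"],
            "script": url.path,
            "status": int(m["status"]),
            "decoded": values[0],
        })
    return hits


# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Oct/2008:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Oct/2008:10:03:44 +0000] "GET /phpshell.php?command=chmod+a%2Bx+somescript HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Oct/2008:10:03:51 +0000] "GET /img/logo.png?command=x HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_command_requests(SAMPLE_LOG):
        print(f'{hit["time"]} {hit["client"]} {hit["script"]} [{hit["status"]}] -> {hit["decoded"]!r}')
```

Access logs record the query string only, so a command sent in a POST body does not show up in this check.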
Everybody: please understand that enabling PHP on your webserver is a risk — you turn something which would normally just serve static pages (an idempotent operation) into something which can potentially make a whole lot of problems.
I’ve said it before and I’ll say it again: PHP Shell has no “magic” commands in it, just a simple call to the builtin proc_open() PHP function. So the problem lies with PHP — PHP Shell just makes it more convenient to exploit insecure PHP installations, but it does not fundamentally change the problem. Use the phpshell-devel mailing list for all discussion on PHP Shell.
[Martin Geisler - PHP Shell] – See the index and manual of Martin Geisler’s PHP Shell
To Be Continued . . . [ Implementation of PHP Shell ] – “security is not hacking”

