Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large payloads (such as uploads) Provides a powerful, highly configurable settings engine. Each setting, such as user-agent has a polymorphic mode. Customizable environment variables for plugin interaction. Provides a complete plugin development API.

Features

  • Run commands and browse filesystem, bypassing PHP security restrictions
  • Upload/Download files between client and target
  • Edit remote files through local text editor
  • Run SQL console on target system
  • Spawn reverse TCP shells
  • Nearly invisible by log analysis and NIDS signature detection

Project Samples

phpsploit Screenshot 1

Project Activity

See All Activity >

Categories

Post-Exploitation Frameworks

License

GNU General Public License version 3.0 (GPLv3)

Follow phpsploit

phpsploit Web Site

Other Useful Business Software
Gen AI apps are built with MongoDB Atlas Icon
Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of phpsploit!

Additional Project Details

Programming Language

Python

Related Categories

Python Post-Exploitation Frameworks

Registered

2023-06-07
Report inappropriate content