OS Command Exec, Unix Command Shell, Reverse TCP SSL (via perl)

Execute an OS command from PHP. Creates an interactive shell via perl, uses SSL Module Options msf use payload/php/unix/cmd/reverseperlssl msf payloadreverseperlssl show actions ...actions... msf payloadreverseperlssl set ACTION msf payloadreverseperlssl show options ...show and set options... ms...

OS Command Exec, Unix Command Shell, Reverse TCP (via Lua)

Execute an OS command from PHP. Creates an interactive shell via Lua Module Options msf use payload/php/unix/cmd/reverselua msf payloadreverselua show actions ...actions... msf payloadreverselua set ACTION msf payloadreverselua show options ...show and set options... msf payloadreverselua run Thi...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (via Ruby)

Execute an OS command from PHP. Connect back and create a command shell via Ruby, uses SSL Module Options msf use payload/php/unix/cmd/reverserubyssl msf payloadreverserubyssl show actions ...actions... msf payloadreverserubyssl set ACTION msf payloadreverserubyssl show options ...show and set...

OS Command Exec, Unix Command Shell, Reverse TCP (via jjs)

Execute an OS command from PHP. Connect back and create a command shell via jjs Module Options msf use payload/php/unix/cmd/reversejjs msf payloadreversejjs show actions ...actions... msf payloadreversejjs set ACTION msf payloadreversejjs show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Reverse TCP (via ncat)

Execute an OS command from PHP. Creates an interactive shell via ncat, utilizing ssl mode Module Options msf use payload/php/unix/cmd/reversencatssl msf payloadreversencatssl show actions ...actions... msf payloadreversencatssl set ACTION msf payloadreversencatssl show options ...show and set...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (via php)

Execute an OS command from PHP. Creates an interactive shell via php, uses SSL Module Options msf use payload/php/unix/cmd/reversephpssl msf payloadreversephpssl show actions ...actions... msf payloadreversephpssl set ACTION msf payloadreversephpssl show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Double Reverse TCP SSL (openssl)

Execute an OS command from PHP. Creates an interactive shell through two inbound connections Module Options msf use payload/php/unix/cmd/reverseopenssl msf payloadreverseopenssl show actions ...actions... msf payloadreverseopenssl set ACTION msf payloadreverseopenssl show options ...show and set...

OS Command Exec, Unix Command Shell, Reverse TCP (stub)

Execute an OS command from PHP. Creates an interactive shell through an inbound connection stub only, no payload Module Options msf use payload/php/unix/cmd/reversestub msf payloadreversestub show actions ...actions... msf payloadreversestub set ACTION msf payloadreversestub show options ...show...

OS Command Exec, Unix Command Shell, Reverse TCP (via Zsh)

Execute an OS command from PHP. Connect back and create a command shell via Zsh. Note: Although Zsh is often available, please be aware it isn't usually installed by default. Module Options msf use payload/php/unix/cmd/reversezsh msf payloadreversezsh show actions ...actions... msf...

OS Command Exec, Unix Command Shell, Reverse UDP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocatudp msf payloadreversesocatudp show actions ...actions... msf payloadreversesocatudp set ACTION msf payloadreversesocatudp show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (telnet)

Execute an OS command from PHP. Creates an interactive shell via mkfifo and telnet. This method works on Debian and other systems compiled without /dev/tcp support. This module uses the '-z' option included on some systems to encrypt using SSL. Module Options msf use...

OS Command Exec, Unix Command Shell, Reverse TCP (via Python)

Execute an OS command from PHP. Connect back and create a command shell via Python Module Options msf use payload/php/unix/cmd/reversepython msf payloadreversepython show actions ...actions... msf payloadreversepython set ACTION msf payloadreversepython show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Reverse TCP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocattcp msf payloadreversesocattcp show actions ...actions... msf payloadreversesocattcp set ACTION msf payloadreversesocattcp show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Pingback Reverse TCP (via netcat)

Execute an OS command from PHP. Creates a socket, send a UUID, then exit Module Options msf use payload/php/unix/cmd/pingbackreverse msf payloadpingbackreverse show actions ...actions... msf payloadpingbackreverse set ACTION msf payloadpingbackreverse show options ...show and set options... msf...

OS Command Exec, Unix Command Shell, Double Reverse TCP SSL (telnet)

Execute an OS command from PHP. Creates an interactive shell through two inbound connections, encrypts using SSL via "-z" option Module Options msf use payload/php/unix/cmd/reversessldoubletelnet msf payloadreversessldoubletelnet show actions ...actions... msf payloadreversessldoubletelnet set...

OS Command Exec, Unix Command Shell, Reverse TCP (via R)

Execute an OS command from PHP. Connect back and create a command shell via R Module Options msf use payload/php/unix/cmd/reverser msf payloadreverser show actions ...actions... msf payloadreverser set ACTION msf payloadreverser show options ...show and set options... msf payloadreverser run This...

USN-7562-1: Tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

USN-7562-1 tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

Exploit for CVE-2025-49619

CVE-2025-49619 PoC --- This script exploits CVE-2025-49619...

Exploit for Code Injection in Squirrelly

CVE-2024-40453 - Squirrelly v9.0.0 RCE Disclaimer: This sc...