Learn Pentesting like a Pro!

Share this post

How to setup a PHP file dropper without tools

pentesting.academy

How to setup a PHP file dropper without tools

pentesting.academy
Mar 7, 2021
Share this post

How to setup a PHP file dropper without tools

pentesting.academy

After we have compromised a machine inside a network, we need to download tools for lateral movement, local exploits to escalate privileges, etc. Knowing how to setup a file dropper is crucial.

When I was doing the OSCP 24-hour exam but also when doing the training in the labs, that was very useful as I could easily download any payload, Trojan or implant from my kali machine to the target machine:

How to setup a PHP file dropper with one liner
How to set up a PHP file dropper with one liner

For a more "heavy" tool but much more powerful have a look to this one: https://github.com/kgretzky/pwndrop

For more hints about post exploitation, check post-exploitation post here:

Learn Pentesting like a Pro
🥷 The Art of Pentesting: Post-exploitation like an APT
Linux Post-exploitation Check wrong permissions: Find setuid binaries: find / -perm -4000 -ls 2> /dev/null Find files world writable: find / -path /sys -prune -o -path /proc -prune -o -type f -perm -o=w -ls 2> /dev/null Find directories world writable…
Read more
3 months ago · pentesting.academy

Thanks for reading Learn Pentesting like a Pro! Subscribe for free to receive new posts.

Share this post

How to setup a PHP file dropper without tools

pentesting.academy
Comments
TopNew

No posts

Ready for more?

© 2023 pentesting.academy
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing