Updates PhpSploit - Stealth post-exploitation framework.

Updates PhpSploit – Stealth post-exploitation framework.

Latest Change :
+ support full attacker path recognition on plugins change attacker filepath transformer from os.path.abspath() to utils.path.truepath(), which also supports expanduser() and expandvars().
affected plugins: upload (argv 1), download (argv 2).

+ oracle` plugin: add support for SID connector The oracle plugin tries to use <CONNECTOR> as a SERVICE_NAME oracle connection paradygm. If the connection fails, it tries to use it as an SID oracle connection paradygm.

How to Update:
+ cd <your Clone Folder>
+ git pull

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes.

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server

Features :
Efficient: More than 20 plugins to automate post-exploitation tasks
+ Run commands and browse filesystem, bypassing PHP security restrictions
+ Upload/Download files between client and target
+ Edit remote files through local text editor
+ Run SQL console on target system
+ Spawn reverse TCP shells

Stealth: The framework is made by paranoids, for paranoids
+ Nearly invisible by log analysis and NIDS signature detection
+ Safe-mode and common PHP security restrictions bypass
+ Communications are hidden in HTTP Headers
+ Loaded payloads are obfuscated to bypass NIDS
+ http/https/socks4/socks5 Proxy support

Convenient: A robust interface with many crucial features
+ Cross-platform on both the client and the server.
+ Powerful interface with completion and multi-command support
+ Session saving/loading feature, with persistent history
+ Multi-request support for large payloads (such as uploads)
+ Provides a powerful, highly configurable settings engine
+ Each setting, such as user-agent has a polymorphic mode
+ Customisable environment variables for plugin interaction
+ Provides a complete plugin development API

Download : master.zip  | or Git Clone | Our Post Before
Source : https://github.com/nil0x42