• Stars
    star
    201
  • Rank 194,491 (Top 4 %)
  • Language
    C
  • License
    MIT License
  • Created about 6 years ago
  • Updated about 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

这是一个实验性的PHP扩展,加载这个扩展后,每次请求将可以执行一段自己的PHP代码。

ArbitraryPHP - 任意PHP代码执行扩展

这是一个实验性的PHP扩展,加载这个扩展后,每次请求将可以执行一段自己的PHP代码。

可用于:

  • 管理目标PHP站点
  • HOOK与分析HTTP执行流程
  • 在不修改源代码的情况下控制PHP执行结果

安装

选择对应版本的PHP,下载Releases下的二进制文件安装包,解压并获得相应PHP版本的二进制文件。

执行php -i |grep extension_dir,获取扩展目录:

将二进制文件arbitraryphp.so移动到扩展目录中,并修改php.ini,开启这个扩展:

extension=arbitraryphp.so

使用

请求任意一个PHP,在参数arbitrary_php中增加任意PHP代码,即可执行:

也可以是POST请求:

使用AntSword管理:

从源码编译

你也可以自己编译扩展,首先安装如下软件:

  • docker

编译生成5.4~7.2版本下所有扩展:

bash builds.sh

只生成某个PHP版本的扩展:

docker run -it --rm --name uu -v /root/arbitrary-php:/app tuwen/zephir:7.2 bash /app/build-ext.sh

自定义执行参数

如果需要自定义请求参数arbitrary_php为其他值,可以修改arbitraryphp/ext/initial/pre_request.hREQUEST_NAME的值:

void pre_request(TSRMLS_D);

#define REQUEST_NAME "please_edit_it"

再重新编译扩展即可。

支持

二进制文件仅支持在Linux下使用,Mac或Windows等操作系统,请自行编译。

LICENSE

ArbitraryPHP遵循MIT开源协议发布。

More Repositories

1

Mind-Map

各种安全相关思维导图整理收集
4,457
star
2

JavaThings

Share Things Related to Java - Java安全漫谈笔记相关内容
Java
1,679
star
3

mooder

Mooder是一款开源、安全、简洁、强大的团队内部知识分享平台。
Python
762
star
4

Minos

一个基于Tornado/mongodb/redis的社区系统。
JavaScript
677
star
5

zkar

ZKar is a Java serialization protocol analysis tool implement in Go.
Go
588
star
6

code-breaking

Code-Breaking Puzzles
JavaScript
274
star
7

xray-poc-generation

🧬 辅助生成 XRay YAML POC
JavaScript
252
star
8

vueinfo

Extract website information from Vue
JavaScript
217
star
9

collision-webshell

A webshell and a normal file that have the same MD5
189
star
10

XssHtml

php富文本过滤类,XSS Filter
PHP
148
star
11

python-xss-filter

Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Python
117
star
12

realworldctf

My Real World CTF challenges
Python
115
star
13

py-wget

small wget by python
Python
88
star
14

XDCTF2015

writeup about XDCTF 2015
Python
63
star
15

PaddingZip

PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.
Python
61
star
16

PasswordKeeper

一个本地密码管理软件
C++
49
star
17

ctfdbbuilder

a database query builder for CTFer(出题专用/开发阶段/慎用)
PHP
32
star
18

beautifyjs

A simple JavaScript beautify tool
JavaScript
28
star
19

race-condition-playground

Playground for Race Condition attack
Python
24
star
20

phpsrc-debug-docker

Debug environment for PHP inside a Docker container. Document waiting to be completed.
Dockerfile
24
star
21

Pytalk_Irc

An online IRC system based on Web.py~
JavaScript
21
star
22

sangebaimao_20151112

2015.11.12 三个白帽一题的源码
HTML
18
star
23

vindicator

Vindicator is a lightweight Golang library that is designed to hold and check any blocking function. e.g. subprocess, network connection...
Go
18
star
24

projector-runner

Run Swing based GUI application within the Docker container through the Jetbrains Projector, and access it from browsers.
Shell
17
star
25

bytecode-viewer

git lfs based bytecode-viewer and follow dependencies. Based on https://github.com/Konloch/bytecode-viewer and https://github.com/ThexXTURBOXx/bytecode-viewer
Java
15
star
26

Jsdxss

DOMXSS Filter Based on javascript
JavaScript
15
star
27

fbi_installer

remote install 3DS games for FBI
Go
14
star
28

pyduktape2

Embed the Duktape JS interpreter in Python, forking and develop based on https://github.com/stefano/pyduktape
Cython
14
star
29

tls_proxy

A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
Go
10
star
30

phith0n

My Github profile page
8
star
31

embedded_django

a minimal django application template
Python
8
star
32

goattribute

goattribute is a lightweight Go library that allows you to set (and get) attributes of a struct dynamically, using dot notation (e.g., `a.b.c`).
Go
6
star
33

go_sampler

A sample for Go project
Go
5
star
34

asp_mssql_tool

exec mssql command on asp lang
ASP
4
star
35

hyperapp-startup

hyperapp startup boilerplate
JavaScript
4
star
36

Talks

ppt and code in some talks
HTML
4
star
37

webhook

github/bitbucket/coding push webhook
PHP
2
star
38

gin-cookiecutter

Gin template for cookiecutter
Go
1
star
39

vue3-cookiecutter

template for vue3 + vite
SCSS
1
star
40

git-skill

1
star
41

django-cookiecutter

cookiecutter is a command-line utility that creates projects from template.
Python
1
star