pinky - The PHP mini RAT (Remote Administration Tool)

Forum for discussing everything about web hacking, from footprinting, scanning, gaining access, privilege escalation, exploitation, covering tracks and backdoors through to securing the web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Discuss bugs, penetration, exploitation and techniques for securing websites and web servers. Include a PoC here so that members can learn from it.
familycode
Posts: 714
Joined: Thu Oct 13, 2005 4:06 pm
Location: Yogyakarta

Post by familycode » Sun Oct 14, 2018 8:21 am

pinky - The PHP mini RAT (Remote Administration Tool)

Uploading a webshell is almost always the next step after exploiting a web vulnerability, but services like Cloudflare and the new generation of firewalls do a really good job of preventing attackers from running commands on the target via HTTP or HTTPS. On the other hand, text content filtering and application whitelisting policies can be easily exploited with minimal effort, and pinky is a PoC of that.

How is pinky different?

First, pinky tries to find which function is enabled to run system commands; after finding which PHP function is the best, all communication is encrypted, so even if the firewall is enabled to read the traffic, it won't be able to determine whether the activity is malicious or not. Also, pinky is able to communicate through any kind of proxy. In addition to this, we need to send Basic Authentication (completely insecure, I know!) to prevent others from communicating with pinky's agent.

https://github.com/davidtavarez/pinky
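
A defensive check for the behaviour the post describes (an agent probing which PHP function can run system commands), added here as an example and not part of the original post or of pinky's code. It audits `disable_functions` in a php.ini and flags PHP sources that name several command-execution functions alongside an availability probe; the function list, the threshold of three and the sample inputs are assumptions constructed for this example.

```python
import re

# Well-known PHP command-execution functions (assumed list, not taken from pinky's source).
EXEC_FUNCS = {"system", "exec", "passthru", "shell_exec", "popen", "proc_open", "pcntl_exec"}
# Identifiers used to test whether a function is available at runtime.
PROBES = {"function_exists", "is_callable", "disable_functions"}
IDENT = re.compile(r"[a-z_][a-z0-9_]*")


def enabled_exec_functions(php_ini_text):
    """Return the command-execution functions NOT covered by disable_functions."""
    disabled = set()
    for line in php_ini_text.splitlines():
        line = line.split(";", 1)[0].strip()          # drop ini comments
        key, _, value = line.partition("=")
        if key.strip() == "disable_functions":        # a later directive overrides earlier ones
            disabled = {f.strip(' "') for f in value.split(",") if f.strip(' "')}
    return sorted(EXEC_FUNCS - disabled)


def probing_score(php_source):
    """Heuristic: a file that probes availability AND names >= 3 exec functions is suspicious."""
    idents = set(IDENT.findall(php_source.lower()))   # PHP function names are case-insensitive
    named = sorted(EXEC_FUNCS & idents)               # also matches names held in string literals
    probes = bool(PROBES & idents)
    return {"named": named, "probes": probes, "suspicious": bool(probes and len(named) >= 3)}


# Constructed sample: a partially hardened php.ini.
SAMPLE_INI = """
; constructed sample configuration
disable_functions = exec,passthru,shell_exec ; partial hardening
"""

# Constructed sample: source text that tests several candidates for availability.
SAMPLE_PROBE = """<?php
foreach (['system', 'exec', 'passthru'] as $f) {
    if (function_exists($f)) { $runner = $f; break; }
}
"""

# Constructed sample: an ordinary application file with a single fixed call.
SAMPLE_BENIGN = "<?php exec('convert in.png out.jpg');"

if __name__ == "__main__":
    print("still enabled:", enabled_exec_functions(SAMPLE_INI))
    print("probe file:", probing_score(SAMPLE_PROBE))
    print("benign file:", probing_score(SAMPLE_BENIGN))
```

Anything `enabled_exec_functions` reports as still enabled is a function such a probe can fall back to, so the two checks are best read together.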
