PHP Shell is a shell wrapped in a PHP script. It is a tool you can use to execute arbitrary shell commands or browse the filesystem on your remote Web server. To a degree, it replaces a normal telnet connection. You can use it for administration and maintenance of your Web site with commands like ps, free, du, df, and more.
| Tags | Internet Web Dynamic Content CGI Tools/Libraries Installation/Setup Networking Monitoring Systems Administration Site Management Terminals Shells |
|---|---|
| Licenses | GPL |
| Operating Systems | OS Independent |
| Implementation | PHP |
Recent releases


Changes: Authentication is now handled internally in PHP in an attempt to solve reported login problems. Configuration settings were moved to an ini file, and handling of PHP Safe Mode was improved with better error messages.


Changes: The shell now has a command line history just like a real shell, and the design was changed to mimic a real shell more closely. The parsing of 'cd' commands was rewritten so that even more special cases are taken care of, and simple command substitution using aliases has been introduced.


Changes: The handling of symbolic links was fixed so that one can go back with 'cd ..' after going into a directory through a link. The directory listing is now sorted.


Changes: The stderr check box now remembers its state, and output is now valid XHTML 1.0 Strict. Compatibility with versions of PHP earlier than 4.1.0 was broken by using the new $_* variables. As functionality in this version is identical to 1.7, it is not necessary to upgrade if this is an issue.


Changes: A problem with PHP 4.2.0 (register_globals is turned off by default from that version onwards) was corrected and the code was cleaned up a little.
Recent comments

Re: Potential security issue
> Now, I'm not an alarmist. I'm also very
> strict about backing up everything on
> any of my own or clients' domains -
> files, databases, and so on. So a
> hacking isn't going to kill us.
> Regardless, no one wants to deal with
> the fallout!
>
> My point to commenting here is simply to
> let you know this seems to be a growing
> problem, and to suggest that there might
> be some way you could provide some
> limits within the program to prevent
> this type of use. I have no idea of
> course if that would even be possible.
You have some good points --- it's unfortunate but correct that PHP Shell has been used for finding passwords (since database passwords are written in plain text in most PHP scripts).
As for what one can do about it: run PHP as a CGI, in which case I believe it assumes the real user ID of the user who owns the script. Then the normal filesystem rules apply to the PHP process as well as to any other process on the system, and it is then easy to restrict access to sensitive files.
There might be other ways to have Apache run PHP as the correct user, but it's not something I've spent a lot of time on.
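The reply above rests on one question: does the PHP process run as the account that owns the script, or as a single web-server user shared by every site on the host? The following script is an added example (not part of PHP Shell and not the author's code) that answers that question from inside PHP and then probes whether configuration files of neighbouring accounts are readable. The `/home/*/public_html` layout and the config file names it looks for are assumptions about a typical shared host; adjust them to the server being checked.

```php
<?php
// Added example, not part of PHP Shell: report whether this PHP process is
// confined to its own account the way the reply above describes.

// Name of the user the PHP process actually runs as.
function processUser(): string {
    if (!function_exists('posix_geteuid')) {
        return 'unknown (posix extension not available)';
    }
    $uid = posix_geteuid();
    $pw  = posix_getpwuid($uid);
    return $pw ? $pw['name'] : (string) $uid;
}

// Name of the user who owns this script file.
function scriptOwner(): string {
    $uid = fileowner(__FILE__);
    $pw  = function_exists('posix_getpwuid') ? posix_getpwuid($uid) : false;
    return $pw ? $pw['name'] : (string) $uid;
}

// Look for config files of *other* accounts that this process can read.
// Assumed layout: one account per /home/<user>/public_html (hypothetical).
function readableNeighbourConfigs(): array {
    $candidates = ['wp-config.php', 'config.php', 'configuration.php', 'includes/config.php'];
    $leaks = [];
    foreach (glob('/home/*/public_html', GLOB_ONLYDIR) ?: [] as $dir) {
        if (fileowner($dir) === fileowner(__FILE__)) {
            continue; // our own account; only cross-account reads matter here
        }
        foreach ($candidates as $cfg) {
            $path = $dir . '/' . $cfg;
            if (is_file($path) && is_readable($path)) {
                $leaks[] = $path;
            }
        }
    }
    return $leaks;
}

header('Content-Type: text/plain');
printf("SAPI:          %s\n", php_sapi_name());
printf("process user:  %s\n", processUser());
printf("script owner:  %s\n", scriptOwner());
printf("open_basedir:  %s\n", ini_get('open_basedir') ?: '(none)');

if (processUser() !== scriptOwner()) {
    echo "WARNING: PHP runs as a shared user, not as the script owner;\n";
    echo "         filesystem permissions cannot separate accounts on this host.\n";
}

$leaks = readableNeighbourConfigs();
if ($leaks) {
    echo "Config files of other accounts readable from here:\n";
    foreach ($leaks as $path) {
        echo "  $path\n";
    }
} else {
    echo "No neighbouring config files readable from this account.\n";
}
```

When the SAPI is `apache2handler` (mod_php) the process user is normally the same for every site, so the warning fires and any config file that is world-readable, or group-readable by the web server, shows up in the list. Running PHP as CGI under Apache's mod_suexec (`SuexecUserGroup` per virtual host), or via a php-fpm pool with its own `user`/`group`, makes the process user match the script owner; config files can then be set to mode 0600 and the probe finds nothing. Note that `open_basedir` is not a substitute: it limits PHP's own file functions but not the commands a shell like PHP Shell spawns, which inherit the process's user ID and see whatever the filesystem permissions allow.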
Potential security issue
I use a variety of php scripts, including wordpress, cubecart, tolra web directory, etc.
Several times lately, people using those scripts have been hacked by crackers using phpshell and other similar scripts. (I haven't - I just seem to be the only person around the fora who thought it might be worthwhile to contact you....)
The modus operandi is simple: the cracker hooks up phpshell etc. to a domain on shared server space and browses until s/he finds a database or other configuration information, then uses that from within phpshell to pry open anything they want (or so it seems from reading....)
Now, I'm not an alarmist. I'm also very strict about backing up everything on any of my own or clients' domains - files, databases, and so on. So a hacking isn't going to kill us. Regardless, no one wants to deal with the fallout!
My point to commenting here is simply to let you know this seems to be a growing problem, and to suggest that there might be some way you could provide some limits within the program to prevent this type of use. I have no idea of course if that would even be possible.
Thanks.