This fork aims to port the Python 2 version of Chankro to Python 3.
Your favourite tool to bypass disable_functions and open_basedir in your pentests.
On Linux, PHP calls a binary (sendmail) when the mail() function is executed. If putenv() is allowed, we can set the environment variable LD_PRELOAD to preload an arbitrary shared object. That shared object executes our custom payload (a binary or a bash script) outside the PHP restrictions, so we can get a reverse shell, for example.
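For the hardening side of an assessment, the precondition described above (putenv() and mail() both left enabled) can be checked directly against a php.ini. This is an added example, not part of Chankro; the function names and both sample configurations are constructed for illustration, and it reads only the ini text it is given.

```python
import re

# The two functions the technique above relies on: putenv() sets LD_PRELOAD,
# and mail() makes PHP spawn the sendmail binary that inherits it.
REQUIRED = ("putenv", "mail")

# Constructed sample: shell functions blocked, putenv/mail still enabled.
WEAK_INI = """\
; constructed sample
disable_functions = exec,passthru,shell_exec,system,proc_open,popen
open_basedir = /var/www/html
"""

# Constructed sample: same list with putenv and mail added.
HARDENED_INI = """\
; constructed sample
disable_functions = "exec, passthru, shell_exec, system, proc_open, popen, putenv, mail"
"""

def disabled_functions(ini_text):
    """Return the names listed in the last disable_functions directive."""
    disabled = set()
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop ';' comments
        m = re.match(r"disable_functions\s*=\s*(.*)$", line)
        if m:
            value = m.group(1).strip().strip("\"'")
            # A later directive replaces an earlier one; names kept as written.
            disabled = {f.strip() for f in value.split(",") if f.strip()}
    return disabled

def audit(ini_text):
    """Report which required functions remain callable and whether all do."""
    disabled = disabled_functions(ini_text)
    available = [f for f in REQUIRED if f not in disabled]
    return {"available": available, "exposed": len(available) == len(REQUIRED)}

if __name__ == "__main__":
    for name, text in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name, audit(text))
```

A configuration is reported as exposed only when both functions are callable; disabling either one removes the precondition the paragraph above describes.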
The syntax is pretty straightforward:
$ python3 chankro.py --arch 64 --input rev.sh --output shell.phtml --path /var/www/html
Note: --path is the absolute path where our .so will be dropped.
git clone https://github.com/kriss-u/chankro-py3.git
cd chankro-py3
python3 chankro.py --help