Forum Thread: Phpbot v1.1.3

Phpbot v1.1.3

Hi all!

I have learned a lot of knowledge from this place so today I bring to you something back, phpbot v1.1.3. The bot will run on any web host with php enabled. Please use it wisely, I understand this is white hat community and I in no way endorse or encourage the the misuse of this code. I also take no responsibility for what the code does or doesn't do :)

Step 1: Copy the Code into Nano or Vim or Such.

phpbot v1.1.3

Edit as you see fit, i have put comments next to the parts you need to concern yourself with most but for simplicity's sake here is the options:

"server"= //irc server
"port"= //irc server port
"pass"= //irc server pass
"prefix"= //what your bot should be called
"maxrand"= //leave this
"chan"= //your irc channel
"key"= //chan key
"modes"= //irc channel mode
"password"= //your pass to control the bot
"trigger"= //change to what you prefer
"hostauth"= // for any hostname

Step 2: Save as filename.php

move it into your http dir, if its some web host then place it into which ever dir you put your files, if its your own server its usually around /var/www area.

Step 3: Load It.

point your web browser to the appropriate url http://myhost/mybot.php

Step 4: Congratulations or Commiseration

If the host or server is vulnerable then your bot will pop onto irc to the parameters you selected. If not then probably nothing will happen and unless you can get access to cmd line at the host you don't have much chance of debugging this baby.

Step 5: Control It

Commands for the bot:
.user <password> //login to the bot
.logout //logout of the bot
.die //kill the bot
.restart //restart the bot
.mail <to> <from> <subject> <msg> //send an email
.dns <IP|HOST> //dns lookup
.download <URL> <filename> //download a file
.exec <cmd> // uses shellexec() //execute a command
.cmd <cmd> // uses popen() //execute a command
.info //get system information
.php <php code> // uses eval() //execute php code
.tcpflood <target> <packets> <packetsize> <port> <delay> //tcpflood attack
.udpflood <target> <packets> <packetsize> <delay> //udpflood attack
.raw <cmd> //raw IRC command
.rndnick //change nickname
.pscan <host> <port> //port scan
.ud.server <newhost> <newport> newpass //change IRC server

Before you can control the bot you need to log in to it with your password so .user password and the bot will start accepting your commands.

Step 6: White Hat Promise.

You will of course need the key to un-encrypt the code and now I know you have read the instructions and not here for a hit and run then please feel free :)


Cptcrunch O__o

4 Responses

Hi CAPTINCRUNCH, I recently registered on null-byte, and I am wondering if i can use phpbot for something like teamspeak? In advance I apologize for my bad english speaking.

Thanks for you answer.


phpbot will run as apache user. If you create a payload that works on the host you can use phpbot to download the payload to the web server then use phpbot to run the payload.

Provided the host is exploitable and you use the correct payload then this should work.

Thanks for you quick answer CAPTINCRUNCH. I will enquire about this payload for my case

no problem, metasploit is a good place to look for payloads etc. Hope you achieve your goals :)

Share Your Thoughts

  • Hot
  • Active