Tags: php-shell web rce php 

Rating: 5.0

jrozansk – July 16, 2018, 11:32 p.m.

I cannot reproduce behavior described in this writeup with "echo '' > drakylar.php;" payload.
I managed to see how alien_sector.php looks like and there is file_put_contents('alien_message/'.$unique.'.'.$_POST['type'], $check); function used to save file.

I don't get how this system call is saved to drakylar.php file in this example.
Could anyone clarify?