This is a rewrite of the original script. Unlike the original, which is utilizing an unknown binary (Virus Total), this one is using the well known NC.exe which can be verified by using this Cybercheff recipe to decode the payload and obtain a hash.
- Edit the php script and change the $ip & $port values according to your setup
- Start a reverse listener using
nc -nvlp <port_number> - Upload the shell to a php webserver and execute.