ShellPhant0m is a lightweight PHP webshell with a built-in reverse shell launcher. It provides an interactive dropdown interface to trigger reverse connections using either Netcat or Socat, directly from the web interface.
- Single-file PHP shell for remote deployment
- Supports both Netcat and Socat reverse shell connections
- Accepts Ngrok or TCP address directly
- Auto-parses the host and port
- Displays listener command to be run on attacker's machine
- PHP-enabled web server (e.g., Apache, Nginx with PHP)
- A public listener (Ngrok, VPS, port-forwarded server)
- Upload
ShellPhant0m.phpto the target server. - Access the shell via browser.
- Choose either Netcat or Socat from the dropdown menu.
- Paste your Ngrok or TCP address (e.g.,
0.tcp.ap.ngrok.io:12345). - Click Connect to trigger the reverse shell.
ngrok tcp 4444Paste the generated address (e.g., 0.tcp.ap.ngrok.io:12345) into PhantomShell.
For Netcat:
nc -lvnp 4444For Socat:
socat -d -d tcp-l:4444,reuseaddr,fork exec:/bin/bash,pty,stderr,setsid,sigint,saneThis tool is intended for educational and authorized security testing purposes only. Do not use it on systems you do not own or have explicit permission to test.
Anu by : AndKnownMaly