Creating an Emojis PHP WebShell- 1 min
I recently came across an interesting behaviour on PHP. Apparently, PHP permits the usage of Unicode characters as variable names. Therefore, friendly emojis can be used as a PHP variable.
<?php $😶="Hello World!"; echo($😶);
>> Hello World!
Which is valid.
I thought about making a fancy example of a PHP Web-Shell using emojis. This is made for entertainment purposes, no real advantage is gained by using Emojis webshell. It may disturb/confuse a WAF or back-end parser, but it’s not confirmed against a real-world environment.
Usage can be as:
You can create a CLI for it to do more; I am only publishing it as a proof of concept.