We’ve all suffered it. At some point in a developer’s career there will be a day when everything goes tits-up, a site comes crashing down and the site owner isn’t around to give FTP access or full server access.
Sometimes, all we need is command line access
99 times out of a hundred, I won’t even work on a site if the site owner doesn’t provide server access but, occasionally, better judgement, years of experience and wisdom hoist their wares and take a family road-trip to some unreachable place.
Take today, for example, I was troubleshooting a website for a friend. Nice easy job that I knew would take under 10 minutes to complete. I fixed the fault then thought I’d go that extra mile and activate a security plugin. Total disaster! The plugin crashed. The site died.
Without obvious access to the server because the login creds had been changed and I hadn’t been updated with the new username and password, I was screwed. What was I to do?
Luckily I had access to another WordPress site on the same server. I knew three pieces of information:
- deleting the files for the crashed plugin would force WP to disable the plugin
- I can install PHP Shell onto the server
- I can use WPIDE to create the files needed for PHP Shell
In this case, I logged into the second WordPress site and created the PHP Shell files manually. Using PHP Shell I was able to CD into the other WordPress site’s files and delete the security plugin (so much for security! Thank you Mr. Server for not setting Open_BaseDir protocols). Disaster over.
It was a few hours after this episode of Disaster in Web Design that I got to thinking it would be awesome to write a few plugins for installing PHP Shells into WordPress.
PHP Shells, PHP Terminals and PHP Command Line Scripts – whatever else you want to call them – use PHP to execute commands on servers. Using a PHP shell is almost as good as using SSH to run server commands. They are so incredibly good that hackers use PHP shells to upload and modify files on servers.
A shell can be used to browse files, delete files, create files, change file permissions, stop and start processes and install software, among other things. Almost anything that can be done using a Linux command line can be done using a PHP Shell.
These 6 WordPress plugins install PHP Shell, PHP Terminal, Ajax/PHP Shell, PHP File Manager, Cyb3r Sh3ll and Ani Shell onto a server using WordPress as the delivery agent.
Be absolutely certain to delete these plugins when they are not in use. Even with passwords set, these plugins install very powerful command line UIs that could be used to destroy every file on a server or to turn a server into a zombie participant in DDoS attacks. Use at own risk. I highly advise you delete the plugins after use.
My favorite is PHP Shell. Cyb3r Sh3ll is useful for hacking. Google for Linux Command Line help.
Please use these WordPress plugins responsibly.
Knowing what I know now, the next time I need to work on a server for which I do not have direct access to its files, I will first install a PHP shell into the site I’m working on.
Update 14th Feb 2014
Please accept my apology. I have removed the downloads. This is temporary. I recently built a new replacement plugin to encompass all the above but the replacement turned into a simple framework that I will soon be releasing on GitHub. Expect first public alpha release to arrive this weekend.