Gopherus: generates gopher link for exploiting SSRF and gaining RCE


If you know a place which is SSRF vulnerable then, this tool will help you to generate Gopher payload for exploiting SSRF (Server Side Request Forgery) and gaining RCE (Remote Code Execution). And also it will help you to get the Reverse shell on the victim server.
And you can get a blog on the same Blog on Gopherus

This tool can generate payload for following:

  1. MySQL (Port-3306)
  2. FastCGI (Port-9000)
  3. Memcached (Port-11211)
    If stored data is getting De-serialized by:
    * Python
    * Ruby
    * PHP
  4. Redis (Port-6379)
  5. Zabbix (Port-10050)
  6. SMTP (Port-25)


git clone
cd Gopherus
chmod +x
sudo ./


gopherus –helpHelp
gopherus –exploitArguments can be :
–exploit mysql
–exploit fastcgi
–exploit redis
–exploit zabbix
–exploit pymemcache
–exploit rbmemcache
–exploit phpmemcache
–exploit dmpmemcache
–exploit smtp



Copyright (c) 2018 Tarunkant Gupta



Read more…


Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

Leave a Reply

SC ProDefence SRL - Cyber Security Services