From b5609214b4e92dc1fbfeac1ea864d0467f7191e2 Mon Sep 17 00:00:00 2001 From: TarlogicSecurity Date: Wed, 2 May 2018 09:58:45 +0200 Subject: [PATCH] Update README.md --- README.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a36f7e1..cde7f79 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,14 @@ # Chankro -Herramienta para evadir disable_functions y open_basedir. Permite generar un PHP que ejecutará un binario o script que se le pase como input. +Your favourite tool to bypass __disable_functions__ and __open_basedir__ in your pentests. -Ejemplo: +## How it works +PHP in Linux calls a binary (sendmail) when the mail() function is executed. If we have putenv() allowed, we can set the enviroment variable "LD_PRELOAD", so we can preload an arbitrary shared object. Our shared object will execute our custom payload (a binary or a bash script) without the PHP restrictions, so we can have a reverse shell, for example. + +## Example: + +The syntax is pretty straightforward: + +`python chankro.py --arch 64 --input rev.sh --output chan.php --path /var/www/html` + +Note: path is the absolute path where our .so will be dropped. -python chankro.py --arch 64 --input rev.sh --output chan.php --path /var/www/html
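Review bot: Typo in the added "How it works" paragraph: "enviroment" should read "environment" (`we can set the environment variable "LD_PRELOAD"`). Two smaller documentation points in the same hunk: the new heading `## Example:` carries a trailing colon while `## How it works` does not, so drop the colon for consistency; and the rewritten first line ("Your favourite tool to bypass ...") no longer states what the removed Spanish line did, namely that the tool generates a PHP file from a binary or script given as input, so consider adding that sentence back before "How it works". The closing note on `--path` could also say explicitly that this is the absolute path on the target web server where the generated PHP runs, since the .so is written there at runtime rather than on the machine running chankro.py.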