simple PHP server backdoor

.
Label: , ,
  • Agregar a Technorati
  • Agregar a Del.icio.us
  • Agregar a DiggIt!
  • Agregar a Yahoo!
  • Agregar a Google
  • Agregar a Meneame
  • Agregar a Furl
  • Agregar a Reddit
  • Agregar a Magnolia
  • Agregar a Blinklist
  • Agregar a Blogmarks

Techniques backdooring web server

Let ...
if the hearing would be in our minds phpshell, aspshell, or Techniques backdoring use ssh and others.
But we will study this time is about php shell, and you all have with php shell c99 for example, r57, c100, and others.

as if we find a bug or a slit in the web server that can inject it with php shell script we must Planted in the backdoor so that we can soon enter into the system again ....
It also can we patch again slit or holes where we so no person other than we are in, although the admin themselves do not know: P.

Suspicion webnya admin will have is to go in to see log files or with the suspicious files in the web server, Therefore, if we inculcate phpshell using the names of files that are not suspicious.
But the admin is not carefully will not suspicious of it, but the admin will purchase carefully the size of the file that is not normal in the web server, so from here we need a backdoor that is not suspicious, and small size.

So what the solution?

only a simple bug in the new server so that we can enter again, the remote file inclution errors occur because of the configuration files php.
then we make like this
php files you create in the name you give, here's an example file name help.php

and we help.php content with the php code below



see the size, this is a very small files
and we can upload to our server target

and very small files that will not attract attention from the admin, we can use it with the way http://target.com/[patch] /help.php?url=evilcode.txt???

Just from my simple, safe and happy to try hacking


cool people

0 komentar:

Langganan: Posting Komentar (Atom)
Posting Komentar