PHP BACKDOOR SCRIPT
Today we will talk about php backdoor ;)
Its nothing but cool php script that we can use in order to
1)
Travel across directories
2)
View files
3)
Edit files
4)
Download files
5)
Delete files
6)
Edit files
7)
Upload files
8)
Execute MySql queries / commands
9)
Bypass mod_security
10)
Permissions to directory/folders
11)
Execute shell commands
In short this is a script which
everyone must have. But always remember it’s a hack don’t upload it on your
server. If you upload it on any apache server anyone can play GOD. So don’t forget to remove from
server when you are done.
I have uploaded it on my github.
I have uploaded it on my github.
Since you're being so nice with this script, at least tell how to protect from it. Unless your goal is destroying other people's work
ReplyDeleteProtection countermeasures are formed using the tools and information from the previous steps. Here are some bullets in the PHP configuration that sysadmins must pay attention:
Delete1)allow_url_fopen: PHP file functions are allowed to include remote files from external FTP or HTTP locations. This option is enabled by default installation and is rarely used.
2) Dangerous PHP functions: Using the disable_functions field in the php.ini, disable all the dangerous PHP system functions (system, shell_exec, passthru etc) that might be used from malicious codes. Be careful with the rare cases in which some web platforms need some of these function.
3) open_basedir: Use this variable in the php.ini configuration to limit file operations to the defined directory and low.
4) web user permission: Carefully examine the web user access level and its permission.
By carefully editing the PHP security audit report options, adopting an automate malware detection tool and examining the bullets mentioned above, an adequate security level is established for your running web servers and platforms.
hello amit.
ReplyDeletei'm new with penetration testing and i love to learn and study about it. currently, i've been focusing on web application security. can you explain how i can handle backdoor after i upload it into server? i mean, what is the next step i should do after i upload it? to recall back the php and taking over the server. what tool should i use? metasploit or sqlmap? i've backtrack running on my laptop. truth is, i'm not fully finish studying backtrack and web app. i hope you can guide a noob like me :)
Hey,
DeleteI have did some research and I think you should go for BackTrack. Just install it on your distro and check for Web Application Analysis.
Attachment Image from BcakTrack
http://i.imgur.com/LpfcsTu.jpg?1
fuck website
ReplyDeleteHello Admin, thank you for enlightening us with your knowledge sharing. PHP has become an inevitable part of web development, and with proper PHP training in Chennai, one can have a strong career in the web development field. We from Fita provide PHP course in Chennai with the best facilitation. Any aspiring students can join us for the best PHP training institute in Chennai.
ReplyDeleteFree online developers tools
ReplyDeleteAfter seeing your article I want to say that the presentation is very good and also a well-written article with some very good information which is very useful for the readers....thanks for sharing it and do share more posts like this.
ReplyDeleteangularjs-Training in tambaram
angularjs-Training in sholinganallur
angularjs-Training in velachery
angularjs Training in bangalore
angularjs Training in bangalore
angularjs Training in btm
I found your blog while searching for the updates, I am happy to be here. Very useful content and also easily understandable providing.. Believe me I did wrote an post about tutorials for beginners with reference of your blog.
ReplyDeleteJava training in Bangalore | Java training in Btm layout
Java training in Bangalore |Java training in Rajaji nagar
Java training in Bangalore | Java training in Kalyan nagar
Inspiring writings and I greatly admired what you have to say , I hope you continue to provide new ideas for us all and greetings success always for you..Keep update more information.
ReplyDeleterpa training in chennai
rpa training in bangalore
rpa course in bangalore
best rpa training in bangalore
rpa online training
I appreciate your efforts because it conveys the message of what you are trying to say. It's a great skill to make even the person who doesn't know about the subject could able to understand the subject . Your blogs are understandable and also elaborately described. I hope to read more and more interesting articles from your blog. All the best.
ReplyDeletepython training Course in chennai
python training in Bangalore
Python training institute in bangalore
I would assume that we use more than the eyes to gauge a person's feelings. Mouth. Body language. Even voice. You could at least have given us a face in this test.
ReplyDeleteData Science Training in Indira nagar
Data Science training in marathahalli
Data Science Interview questions and answers
Data Science training in btm layout | Data Science Training in Bangalore
Data Science Training in BTM Layout | Data Science training in Bangalore
Data science training in kalyan nagar
Nice blog
ReplyDeletejava training in Marathahalli
spring training in Marathahalli
java training institute in Marathahalli
spring and hibernate training in Marathahalli
ReplyDeleteInformative Blog, Thank you to share this
Regards,
Best Devops Training in Chennai | Best Devops Training Institute in Chennai
Really you have done great job,There are may person searching about that now they will find enough resources by your post.
ReplyDeleteDevops Training in Chennai | Devops Training Institute in Chennai
Wonderful thanks for sharing an amazing idea. keep it...
ReplyDeleteLooking for Hadoop Admin Training in Bangalore, learn from Softgen Infotech provide Hadoop Admin Training on online training and classroom training. Join today!
awesome thanks for sharing.......!
ReplyDeleteinplant training in chennai
inplant training in chennai for it
panama web hosting
syria hosting
services hosting
afghanistan shared web hosting
andorra web hosting
belarus web hosting
brunei darussalam hosting
inplant training in chennai
very good post...!
ReplyDeleteinternship in chennai for ece students
internships in chennai for cse students 2019
Inplant training in chennai
internship for eee students
free internship in chennai
eee internship in chennai
internship for ece students in chennai
inplant training in bangalore for cse
inplant training in bangalore
ccna training in chennai
This comment has been removed by the author.
ReplyDeleteThis is awesome post. Really very informative and creative contents. These concept is a good way to enhance the knowledge.
ReplyDeleteaws training in chennai | aws training in annanagar | aws training in omr | aws training in porur | aws training in tambaram | aws training in velachery
I am really happy by seeing your post.
ReplyDeleteBEST ANGULAR JS TRAINING IN CHENNAI WITH PLACEMENT
https://www.acte.in/angular-js-training-in-chennai
https://www.acte.in/angular-js-training-in-annanagar
https://www.acte.in/angular-js-training-in-omr
https://www.acte.in/angular-js-training-in-porur
https://www.acte.in/angular-js-training-in-tambaram
https://www.acte.in/angular-js-training-in-velachery
It is an awesome post.
ReplyDeleteAngularJS training in chennai | AngularJS training in anna nagar | AngularJS training in omr | AngularJS training in porur | AngularJS training in tambaram | AngularJS training in velachery
Excellent content.
ReplyDeletePython Training in Chennai | Certification | Online Training Course | Python Training in Bangalore | Certification | Online Training Course | Python Training in Hyderabad | Certification | Online Training Course | Python Training in Coimbatore | Certification | Online Training Course | Python Training in Online | Python Certification Training Course
This is awesome post. Really very informative and creative contents. These concept is a good way to enhance the knowledge.
ReplyDeleteweb designing training in chennai
web designing training in omr
digital marketing training in chennai
digital marketing training in omr
rpa training in chennai
rpa training in omr
tally training in chennai
tally training in omr
Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging
ReplyDeletehardware and networking training in chennai
hardware and networking training in tambaram
xamarin training in chennai
xamarin training in tambaram
ios training in chennai
ios training in tambaram
iot training in chennai
iot training in tambaram
Your blog is very useful for my work. Keep sharing this kind of useful information.
ReplyDeleteangular js training in chennai
angular js training in velachery
full stack training in chennai
full stack training in velachery
php training in chennai
php training in velachery
photoshop training in chennai
photoshop training in velachery
I found your blog while searching for the updates, I am happy to be here. Very useful content and also easily understandable providing.. Believe me I did wrote an post about tutorials for beginners with reference of your blog.
ReplyDeletehadoop training in chennai
hadoop training in annanagar
salesforce training in chennai
salesforce training in annanagar
c and c plus plus course in chennai
c and c plus plus course in annanagar
machine learning training in chennai
machine learning training in annanagar
thanks for sharing such a wonderfull article.
ReplyDeleteWeb design Training in Chennai
Web design Training in Velachery
Web design Training in Tambaram
Web design Training in Porur
Web design Training in Omr
Web design Training in Annanagar
Wonderful post!!Thank you for sharing this info with us.
ReplyDeleteData Science Online Training
Python Online Training
Thanks for sharing information to our knowledge, it helps me plenty keep sharing…
ReplyDeletePython online training in Bangalore
Python Training Institute in Bangalore
Python Certification Course in Bangalore