Home > Developer > PHP

DVBBS7.1 backend uses jpg access backdoors to supplement WebShell Problems

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Dvbbs7.1 in upfile. added the upload check in asp. so I used to like the sad method. When I passed the jpg database backdoor, there was a problem. Solution: I used dvbbstoshell.gif, but after downloading it, we changed the opening method to WinRAR. The specific process is as follows: 1.dvbbstoshell.gif (or other backdoor with similar functions)

Dvbbs7.1 in upfile. added the upload check in asp. so I used to like the sad method. When I passed the jpg database backdoor, there was a problem. Solution: I used dvbbstoshell.gif, but after downloading it, we changed the opening method to WinRAR. The specific process is as follows: 1.dvbbstoshell.gif (or other backdoor with similar functions)

Dvbbs7.1 added the upload check in upfile. asp, so I used to like the sad method in the jpg database. BackdoorIt's time to go out. Problem

Solution:
The trojan is also dvbbstoshell.gif, but after downloading it, we change the Open Method to WinRAR.

Specific process:
1.dvbbstoshell.gif (or other Backdoor)
2. Change the open mode to WinRAR in file properties.

3.upload the dvbbstoshell.gif file and select the location where the post is published. Because this part does not check the gif signature.
(Do not select the place where the Avatar is uploaded .)

4. Record the uploaded address BackgroundRestore Backdoor.

5. Execute Backdoor, Write new Backdoor. Test the function.
Prerequisites:
You get Forum dvbbs7.1 Background.

You only need to change the open mode to asp. asa. aspx. cer. cer. cdx. htr (as mentioned in WinRAR ).

The following are the patches that have been installed in the upfile. asp file.

CODE:
'Determine whether the file type is qualified
Private Function CheckFileExt (FileExt)
Dim ForumUpload, I
ForumUpload = "gif, jpg, bmp, jpeg, png"
ForumUpload = Split (ForumUpload ,",")
CheckFileExt = False
For I = 0 to UBound (ForumUpload)
? If LCase (FileExt) = Lcase (Trim (ForumUpload (I) Then
??? CheckFileExt = True
??? Exit Function
? End If
Next
End Function
'Format suffix
Function FixName (UpFileExt)
If IsEmpty (UpFileExt) Then Exit Function
FixName = Lcase (UpFileExt)
FixName = Replace (FixName, Chr (0 ),"")
FixName = Replace (FixName ,".","")
FixName = Replace (FixName, "asp ","")
FixName = Replace (FixName, "asa ","")
FixName = Replace (FixName, "aspx ","")
FixName = Replace (FixName, "cer ","")
FixName = Replace (FixName, "cdx ","")
FixName = Replace (FixName, "htr ","")
End Function
'File Content-Type judgment
Private Function CheckFileType (FileType)
CheckFileType = False
If Left (Cstr (Lcase (Trim (FileType), 6) = "p_w_picpath/" Then CheckFileType = True
End Function

SupplementLower
In fact, this method is one step more than the method of "like sorrow": Change the Open Method to WinRAR in the file attribute
Today, when I got a service site for an Internet cafe in Kunming, many of them met ProblemI tried to find this defect when I went back to the dormitory. I felt that the method was the same as that of "dvbbs7.1 ". Background"Webshell" is much easier to use than the methods mentioned by many people later. Let's share them with you. What are the better methods or the errors in the methods I mentioned? Please send them out.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to create backend in php hsl supplement antivirus supplement change xps to jpg change nef to jpg convert jpg to thumbnail convert jpg to url

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More