Monday, January 21, 2013

PHP BACKDOOR / C99 SHELL


PHP BACKDOOR SCRIPT

Today we will talk about PHP backdoors ;)

It's nothing but a cool PHP script that we can use in order to:

1) Travel across directories
2) View files
3) Edit files
4) Download files
5) Delete files
6) Edit files
7) Upload files
8) Execute MySQL queries / commands
9) Bypass mod_security
10) Permissions to directory/folders
11) Execute shell commands

In short, this is a script which everyone must have. But always remember it's a hack; don't upload it on your server. If you upload it on any Apache server, anyone can play GOD. So don't forget to remove it from the server when you are done.
I have uploaded it on my GitHub.



LINK: My GITHUB backdoor script




Thanks for reading.

Enjoy & Be Open

7 comments:

  1. Since you're being so nice with this script, at least tell how to protect from it. Unless your goal is destroying other people's work

    1. Protection countermeasures are formed using the tools and information from the previous steps. Here are some bullets in the PHP configuration that sysadmins must pay attention to:

      1) allow_url_fopen: PHP file functions are allowed to include remote files from external FTP or HTTP locations. This option is enabled by default installation and is rarely used.
      2) Dangerous PHP functions: Using the disable_functions field in the php.ini, disable all the dangerous PHP system functions (system, shell_exec, passthru etc.) that might be used by malicious code. Be careful with the rare cases in which some web platforms need some of these functions.
      3) open_basedir: Use this variable in the php.ini configuration to limit file operations to the defined directory and below.
      4) Web user permission: Carefully examine the web user access level and its permissions.

      By carefully editing the PHP security audit report options, adopting an automated malware detection tool and examining the bullets mentioned above, an adequate security level is established for your running web servers and platforms.

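An audit of the three php.ini directives named in the reply above, as an added example that is not part of the original post or its comments. The two sample php.ini bodies, the path `/var/www/example/`, and the function names beyond system, shell_exec and passthru are assumptions made for this example.

```python
import re

# The reply names system, shell_exec and passthru; exec, popen and proc_open
# are additions assumed for this example. Extend the set for your platform.
DANGEROUS = {"system", "shell_exec", "passthru", "exec", "popen", "proc_open"}
OFF = {"", "0", "off", "false", "no", "none"}
# name = "quoted" | 'quoted' | bare value up to an inline ';' comment
LINE_RE = re.compile(r'\s*([\w.]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^;]*))')

def parse_ini(text):
    """Return {directive: value} for a php.ini body; the last assignment wins."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)  # comment and [section] lines do not match
        if m:
            value = next(g for g in m.groups()[1:] if g is not None)
            settings[m.group(1).lower()] = value.strip()
    return settings

def audit(text):
    """Return findings for allow_url_fopen, disable_functions, open_basedir."""
    s = parse_ini(text)
    findings = []
    # PHP's built-in default is On, so a missing line counts as enabled.
    if s.get("allow_url_fopen", "1").lower() not in OFF:
        findings.append("allow_url_fopen is enabled")
    disabled = {f.strip().lower() for f in s.get("disable_functions", "").split(",")}
    missing = sorted(DANGEROUS - disabled)
    if missing:
        findings.append("disable_functions lacks: " + ", ".join(missing))
    if s.get("open_basedir", "").lower() in OFF:
        findings.append("open_basedir is not set")
    return findings

WEAK_INI = """\
; constructed sample: directives left empty or commented out
[PHP]
disable_functions =
;open_basedir =
"""
HARDENED_INI = """\
; constructed sample: the three directives locked down
[PHP]
allow_url_fopen = Off
disable_functions = system, shell_exec, passthru, exec, popen, proc_open
open_basedir = "/var/www/example/"   ; constructed path
"""

if __name__ == "__main__":
    for name, ini in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name, audit(ini) or "no findings")
```

A platform that legitimately needs one of the listed functions, the rare case the reply mentions, will show up as a finding and has to be reviewed by hand.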
  2. Hello Amit.

    I'm new to penetration testing and I love to learn and study about it. Currently, I've been focusing on web application security. Can you explain how I can handle the backdoor after I upload it to the server? I mean, what is the next step I should do after I upload it? To recall back the PHP and taking over the server. What tool should I use? Metasploit or sqlmap? I've BackTrack running on my laptop. Truth is, I'm not fully finished studying BackTrack and web app. I hope you can guide a noob like me :)

    1. Hey,

      I have done some research and I think you should go for BackTrack. Just install it on your distro and check for Web Application Analysis.
      Attachment Image from BackTrack
      http://i.imgur.com/LpfcsTu.jpg?1

