Community Learn Tools Library Leisure

English

Home > Backend Development > PHP Tutorial > body text

Analysis of a backdoor method in pw_PHP tutorial

WBOY

Release： 2016-07-21 15:55:01

Original

1090 people have browsed it

A way to put a backdoor in pw

databbscacheadmin_record.php records background login and operations. Let’s see how to operate this file:

adminadmincp.php:

$bbsrecordfile=D_P."data/bbscache/admin_record.php";
if(!file_exists($bbsrecordfile)){
writeover($bbsrecordfile,"n");
}//This if just says that if admin_record.php does not exist, use code to generate one

What if we just edit admin_record.php and delete :)

Let’s take a look at our code written into admin_record.php

You log in to http://localhost/PHPVind_GBK_6.0RC/upload/admin.php in the background
Use whatever you like Wrong user login will have the following record:

|admin|s|Logging Failed|127.0.0.1|1191667510|

Haha So we can write our code through this, but here It is filtered and cannot be used<

So our backdoor should be left like this: instead of

Related labels：

admin data analyze put Way method of

source：php.cn

Previous article：Implementation of permission algorithm under php_PHP tutorial Next article：PHP and SQL injection attacks [2]_PHP tutorial

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?

From 2024-04-23 00:22:19

0

9

1588

There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...

From 2024-04-18 23:52:34

0

1

1284

Where is the courseware about CSS mind mapping? Courseware

From 2024-04-16 10:10:18

0

0

1335

PHP arrays obtained from URL parameters do not behave as expected I have a URL parameter that contains the category ID and I want to treat it as an array li...

From 2024-04-06 22:09:02

0

1

1428

Where should I place CustomLog directive in apache I'm using php:7.2-apachedocker. I need to disable health check url login access log. Based...

From 2024-04-06 22:03:59

0

1

990

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template