Shulou(Shulou.com)05/31 Report--

This article mainly introduces the php back door hiding skills, which has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.

1. Attrib + s + h

Create a system hidden file:

Attrib + s + a + r + h

Attrib + s + h file name

Under Windows 10, even if the hidden items are turned on, or dir is still not visible.

two。 Use ADS to hide files

NTFS switched data streams (Alternate Data Streams, referred to as ADS) is a feature of NTFS disk format. Under NTFS file system, each file can have multiple data streams. The popular understanding is that other files can be "hosted" on a file, but only the host file can be seen in the explorer, but the host file can not be found. We can do a lot of interesting things with ADS data flow. (copied)

First create an ADS hidden file

On the command line, echo a data stream, such as an index file is a normal file.

Echo ^

The 3.php environment variable leaves shell

Create this directory on disk c

Throw a picture and say a word

And then the file is included, just fine. For concealment, it can include picture horse, txt, etc.

4. Immortal horse

After running, it deletes itself and generates a webshell.php, which is also generated after the administrator deletes it.

/ / the backdoor type can be modified by yourself.

Once all this is done, restart the web service.

Method 1. If the authority is very large, restart yourself manually, the shortcomings are easy to be exposed, restart the service, you have to go to the server, a certain server, remote login has SMS reminder.

Method 2. Is to load a php_socke.php script and ask him to reload php.ini

Any php can be connected with a kitchen knife at this back door.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.