Skip to main content

Featured Post

Kali Linux Terminal Customization Tutorial

Today I'll show you guys how to change kali linux terminal header text.
5 comments

Finding Php Shell Scripts In Your Website

PHP vulnerabilities are the norm, there is not much that can be done to prevent uploads of malicious files on a PHP site when there are world writeable directories especially when your website is using a well known open source community driven software product to power your website.PHP shell code can usually be found in many websites around the web specially when the administrator does not know much about how to clean out the backdoors after a hack has been done.





Here is a simple bash shell script that will search your public_html directories for common method with a large number of files. It will dump the results to a file called "php_backdoors" which you can examine to determine what is and what is not a false positive.

To use this shell script just past this into a file called checker.sh in the directory before your public_html folder, then run it with the following command:
sh checker.sh

script :

#!/bin/bash cd public_html/ find . -type f \( -iname "1.*" -o -iname "sh.php" \) -print0 >> ../php_backdoors find . -type f \( -iname "*.php" -o -iname "*.inc" \) -print0 | xargs -0 -r grep -REn \ '(c99|r57|exif_read_data|extract|passthru|shell_ex ec|base64_decode|fopen|fclose|eval|Refresh|refresh |justrulz)' >> ../php_backdoors find . -type f \( -iname "*.gif" -o -iname "*.jpg" -o -iname "*.jpeg" \) -print0 | xargs -0 -r grep -REn \ '(eval|base64_decode)' >> ../image_backdoors 


Note: It is not the best but it is a good one for a start

Leave your comments for inspire us :) 
Labels:

Comments

Post a Comment

Popular posts from this blog

[Bank Transfer Tutorial] Prepaid Card Cashout

1. You will goto card.com and get a prepaid card with checking acc using the bank logs info to sign up with, only change the billing address to your drop address. It will take 3-5 days for you to receive and activate the card but you can deposit after registration is successfull. And as far as you havent caused any changes on the account, the owner will not be notified. 2. Go to venmo and register an account with the prepaid account details. Verify the venmo acc with the ssn and dob. 3. After a day, add the prepaid account to your venmo acc and verify it. Add the bank log details to the venmo acc and verify it. Two days gone. 4. On the third day, load less than $11,000 in your venmo balance. 5. On the next day, cashout less than $10000 into your prepaid account. the money is yours. 6. The mail containing the card would have reached your drop. Activate it online and cashout immediately. Warning. 1. Prepaid cards take only $10,000 and less. If more than $1000...
48 comments
Keep Reading

7,000 Dorks for Sql Injection

7,000 Dorks for hacking into various sites               about.php?cartID=         accinfo.php?cartId=         acclogin.php?cartID=         add.php?bookid=         add_cart.php?num=         addcart.php?         addItem.php         add-to-cart.php?ID=         addToCart.php?idProduct=         addtomylist.php?ProdId=         adminEditProductFields.php?intProdID=         advSearch_h.php?idCategory=         affiliate.php?ID=         affiliate-agreement.cfm?storeid=  ...
Post a Comment
Keep Reading

How to use google dorks (Google dork using)

Hello guys , today i will show you that, how to use google dork for hacking, Its very basic and most important thing for hacking ;) . So, Let's start - You can use google dorks to find SQL injection vulnerabilities. Here is an example of google dork: Code: inurl:index.php?id= +.com This one will search for "index.php?id" in the URL in .com domains Here is list with SQLi dorks: Code: http://pastebin.com/wUyRb0k8 You can add + (domainhere) Here are some examples: Code: inurl: index.php?id= +.com inurl: index.php?id= +.net inurl: index.php?id= +.org inurl: index.php?id= +.cc inurl: index.php?id= +.ws inurl: index.php?id= +.edu inurl: index.php?id= +.gov Also you could search for keywords by that way: Code: inurl:index.php?id= intext"keyword" just type intext"keyword" and change keyword with something for example credit card. I think this is enough for basics of google dorks, since I don't want 1000000000000 defanced websites after publishing this....
4 comments
Keep Reading