Skip to main content

Featured Post

Kali Linux Terminal Customization Tutorial

Today I'll show you guys how to change kali linux terminal header text.
5 comments

Finding Php Shell Scripts In Your Website

PHP vulnerabilities are the norm, there is not much that can be done to prevent uploads of malicious files on a PHP site when there are world writeable directories especially when your website is using a well known open source community driven software product to power your website.PHP shell code can usually be found in many websites around the web specially when the administrator does not know much about how to clean out the backdoors after a hack has been done.





Here is a simple bash shell script that will search your public_html directories for common method with a large number of files. It will dump the results to a file called "php_backdoors" which you can examine to determine what is and what is not a false positive.

To use this shell script just past this into a file called checker.sh in the directory before your public_html folder, then run it with the following command:
sh checker.sh

script :

#!/bin/bash cd public_html/ find . -type f \( -iname "1.*" -o -iname "sh.php" \) -print0 >> ../php_backdoors find . -type f \( -iname "*.php" -o -iname "*.inc" \) -print0 | xargs -0 -r grep -REn \ '(c99|r57|exif_read_data|extract|passthru|shell_ex ec|base64_decode|fopen|fclose|eval|Refresh|refresh |justrulz)' >> ../php_backdoors find . -type f \( -iname "*.gif" -o -iname "*.jpg" -o -iname "*.jpeg" \) -print0 | xargs -0 -r grep -REn \ '(eval|base64_decode)' >> ../image_backdoors 


Note: It is not the best but it is a good one for a start

Leave your comments for inspire us :) 
Labels:

Comments

Post a Comment

Popular posts from this blog

[Bank Transfer Tutorial] Prepaid Card Cashout

1. You will goto card.com and get a prepaid card with checking acc using the bank logs info to sign up with, only change the billing address to your drop address. It will take 3-5 days for you to receive and activate the card but you can deposit after registration is successfull. And as far as you havent caused any changes on the account, the owner will not be notified. 2. Go to venmo and register an account with the prepaid account details. Verify the venmo acc with the ssn and dob. 3. After a day, add the prepaid account to your venmo acc and verify it. Add the bank log details to the venmo acc and verify it. Two days gone. 4. On the third day, load less than $11,000 in your venmo balance. 5. On the next day, cashout less than $10000 into your prepaid account. the money is yours. 6. The mail containing the card would have reached your drop. Activate it online and cashout immediately. Warning. 1. Prepaid cards take only $10,000 and less. If more than $1000...
48 comments
Keep Reading

Get Any Premium Templates Free @ ThemeForest! ( Full Method )

Hi all! Today I'm going to share to you how to get any premium templates  in ThemeForest without downloading any shitty files or viruses. I think you guys enjoy this tutorial ;) . This also includes some screenshots to guide you :D Go to Google Put this query at the search box. intitle:"index.of" themeforest-4260361-journal-advanced-opencart-theme-framework.zip  Replace "4260361" with the number of your desired template. Replace "journal-advanced-opencart-theme-framework" with the name of your desired template. Then hit enter! And you will be seeing direct links of the template you want For example: I want this template. http://themeforest.net/item/ avada-responsive-multipurpose-theme / 2833226 So this would be my query: intitle:"index.of" themeforest- 2833226 - avada-responsive-multipurpose-theme .zip Screenshot A simple thanks or rep is much appreciated Enjoy
2 comments
Keep Reading

Some most important google dorks

Salam all , today i can give you some most important google dorks . whos help you for hacking . lets see blew - Dork for finding shell inurl:.php “cURL: ON MySQL: ON MSSQL: OFF” “Shell” filetype:php intext:”uname -a:” “EDT 2010? intitle:”intitle:r57shell” [ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ] inurl:”c99.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout inurl:”c100.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout intitle:”Shell” inurl:”.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Updat Dork html injection inurl:"id=" & intext:"warning: mysql_fetch-assoc() inurl:"id=" & intext:"warning: mysql_fetch-array() inurl:"id=" & intext:"warning: mysql_num_rows() inurl:"id=" & intext:"warning: session_satrt() inurl:"id=...
Post a Comment
Keep Reading