Google Hacking

GOOGLE HACKING TRICKS, LEARN SECRETS OF HACKING

«
»

PHP Shell (unprotected)

Posted by cyberdevil on November 20, 2006

PHP Shell is a shell wrapped in a PHP script. It’s a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.

If these shells aren’t protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword “enable stderr”.

Click below for the Google search ==> intitle:”PHP Shell *” “Enable stderr” filetype:php

http://www.google.com/search?num=100&hl=en&lr=&ie=UTF-8&safe=off&q=intitle%3A%22PHP+Shell+*%22+%22Enable+stderr%22+filetype%3Aphp&btnG=Search

This entry was posted on November 20, 2006 at 8:37 am and is filed under FootHolds. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.

«
»