Thao tác bằng shell hoặc lện server.
Common Usage for Finding Vulnerabilities
- Command Injection
$ grep -Rn "shell_exec *( " /var/www
- LFI/RFI
$ grep -Rn "include *(" /var/www
$ grep -Rn "require *(" /var/www
$ grep -Rn "include_once *(" /var/www
$ grep -Rn "require_once *(" /var/www
Detect Backdoor Shell
$ grep -Rn "shell_exec *(" /var/www
$ grep -Rn "base64_decode *(" /var/www
$ grep -Rn "phpinfo *(" /var/www
$ grep -Rn "system *(" /var/www
$ grep -Rn "php_uname *(" /var/www
$ grep -Rn "chmod *(" /var/www
$ grep -Rn "fopen *(" /var/www
$ grep -Rn "fclose *(" /var/www
$ grep -Rn "readfile *(" /var/www
$ grep -Rn "edoced_46esab *(" /var/www
$ grep -Rn "eval *(" /var/www
$ grep -Rn "passthru *(" /var/www
orgrep -RPn "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile|php_uname|eval|tcpflood|udpflood|edoced_46esab) *\(" /var/www
find . -type f -name '*.php' | xargs grep -l "eval *(str_rot13 *(base64_decode *(" --color
find . -type f -name '*.php' | xargs egrep -i "(mail|fsockopen|pfsockopen|stream_socket_client|exec|system|passthru|eval|base64_decode) *\("
Sử dụng tool scan shell.
Không có nhận xét nào:
Đăng nhận xét