US:+16362902365 & BD:+8801711573570

info@techgensolution.com

A Leading Web Development Company 

Sharing is caring!

Overview
In the process of many infiltrations, the infiltrator will upload a sentence Trojan ( Webshell for short) ) to the current web service directory and then grant the right to obtain system permissions, regardless of asp, php, jsp, aspx, then what is the word Trojan?

[ Basic Principles ] Using the file upload vulnerability , upload a sentence to the target website, and then you chopper.execan get and control the entire website directory locally through the Chinese kitchen knife . @ indicates that even if an error is executed, no error is reported. eval()The function indicates that the statement string in parentheses is all executed as code. $_POST[‘attack’]Indicates that the parameter value of attack is obtained from the page.
———————

(1) php code should be written in , the server can recognize this is the php code, and then to parse.
(2) The @ symbol means no error, even if the execution is wrong, no error is reported.

To be continued…

Sharing is caring!

Grab the latest deals on your inbox

Your email is safe ❤️ . I hate SPAM same as you!

Techgen IT Solution provides its clients with a variety of offshore business solutions like system design, .NET technology stack including C#, ASP.NET, MVC, Web API, SQL, Entity Framework, JavaScript and related technologies, namely AngularJS, Knockout, NodeJS etc

USA OFFICE

BD OFFICE 

© 2019 Techgen IT Solution. All Rights Reserved.

shares