Shell Backdoor List : PHP / ASP Shell Backdoor List

Shell Backdoor is a malicious piece of code (e.g. PHP, Python, Ruby) that can be uploaded to a site to gain access to files stored on that site. Once it is uploaded, the hacker can use it to edit, delete, or download any files on the site, or upload their own.

How to upload?

Hackers usually take advantage of an upload panel designed for uploading images onto sites. This is usually found once the hacker has logged in as the admin of the site. Shells can also be uploaded via exploits or remote file inclusion, or a virus on the computer.

Uses

Shells have many uses. They can be used to edit the webserver directory index page of site, and then hackers can leave their mark or “deface” for visitors to the site to see when they go to the homepage. Hackers may also use it to bruteforce FTP or cPanel, allowing them more access to the website. Shells can also be used to gain root access to the site. Some hackers may choose to host malware or spyware on the sites they have uploaded their shell to using various exploits.

  • Please note that many shells contain malware and ‘Mark / deface page’ might contain malware to obtain visitor’s password as well.

Also Read – SWFPFinder : SWF Potential Parameters Finder

Prevention

To prevent a site from having a shell uploaded onto it, a webmaster must always keep up with the latest security updates and make sure to have a secure admin panel. They must also make sure that if they do have an admin panel they make sure it only permits the user to upload .jpeg, .png, and other image file types only.

Shell Backdoor List

PHP Shell :

ASP Shell :
R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 hours ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

23 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

1 day ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

1 day ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

1 day ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

1 day ago