How to check PHP back Door?

I am a beginner , study PHP sometimes , I’ll kown how to find PHP Back Door , Can U Help me ?

It’s can be a tricky task, depending on how backdoor was implemented.
The general idea is to search for files with suspicious code inside.
Such code can contain eval(), base64_decode(), exec() and other system functions calls.
It can also use variables as function names to make it harder to find:

$foo = 'e' . 'va' . 'l';
$foo($someEvilCode);

It’s easier to find these files if you have a list of “legal” files and their MD5-sums. Having such list you can compare actual files on your server with that list and find which was added or changed externally.

Are you hacker ? Frequently if a hacker gets access to your website they will install a “backdoor”

No, I’m on the Light side of the Force.

And that’s why topic starter asks about how to find them, I guess :smiley:

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.