CVE Certified
GHDB

PHP Shell (unprotected)

prev next

Google search: intitle:"PHP Shell *" "Enable stderr" filetype:php

Hits: 7377

Submited: 2004-07-12

PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.If these shells aren't protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword "enable stderr".