|Google Dork Description: PHP Shell (unprotected)||GHDB-ID: 327|
|Google Search: intitle:"PHP Shell *" "Enable stderr" filetype:php||EDB-ID: N/A|
PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbiritary shell-commands or browse the filesystem on your remote Web server. This replaces, to a degree, a normal telnet-connection. You can use it for administration and maintenance of your Web site using commands like ps, free, du, df, and more.If these shells aren't protected by some form of authentication, an attacker will basicly *own* the server. This search finds such unprotected phpshells by looking for the keyword "enable stderr".